A cyberattack knocked a Tennessee county’s election website offline during voting

After a distributed denial-of-service attack knocked some servers offline during a local election in Tennessee this week, Knox County is working with an outside security contractor to investigate the cause. The attack took the Knox County Election Commission site displaying results of the county mayoral primary offline during Tuesday night voting. The county resorted to distributing printed results during the outage.

Russia Attacks Global Network Infrastructure Through Vulnerabilities That Extend Far Beyond Their Targets

blog / May 04, 2018

by Sara Boddy

It’s a sad state of Internet affairs when the US government must publish a US-CERT Alert about Russia targeting US entities through negligent network infrastructure misconfigurations.1 In Alert TA18-106A, US-CERT discloses that since 2015, the US government, in partnership with the UK, has been receiving data from numerous sources that “large numbers” of enterprise-class and SOHO (small office/home office)/residential routers and switches worldwide have been compromised, and that the threat actors are indeed from the Russian military. US-CERT alert was quick to point out that Russia “didn’t need to use zero-days or malware to exploit the devices.”

5 Tips to Help Manage Enterprise Security and Compliance

Creating an environment of security and compliance throughout your enterprise can be a challenge as a main goal is to effectively ensure confidentiality, integrity, and availability for compliance goals throughout the environment. When considering the management of enterprise security and compliance, one message should remain at the forefront of our minds: enterprise compliance is not static, and should be under constant review. 

Rooting a Logitech Harmony Hub: Improving Security in Today’s IoT World

Introduction

FireEye’s Mandiant Red Team recently discovered vulnerabilities
present on the Logitech Harmony Hub Internet of Things (IoT) device
that could potentially be exploited, resulting in root access to the
device via SSH. The Harmony Hub is a home control system designed to
connect to and control a variety of devices in the user’s home.
Exploitation of these vulnerabilities from the local network could
allow an attacker to control the devices linked to the Hub as well as
use the Hub as an execution space to attack other devices on the local
network. As the Harmony Hub device list includes support for devices
such as smart locks, smart thermostats as well as other smart home
devices, these vulnerabilities present a very high risk to the users.

How VC John Doerr Sets (and Achieves) Goals

Executive Summary

John Doerr, the venture capitalist who’s funded companies including Google, Intuit, and Amazon, describes a system he calls “Objectives and Key Results,” or OKR, the subject of his new book. He learned it from Intel CEO Andy Grove in the 1970s, and has taught it to hundreds of organizations since then. He views it as a significant improvement over traditional methods of setting goals. In the OKR system, the objective is what you want to have accomplished. The key results are how you’re going to get it done. Doerr says this transparency helps organizations be more focused, aligned, and committed in their work.

Cisco rolls out new wave of must-install WebEx patches

Cisco has released several patches for users of WebEx clients and its Access Control System, all of which are mandatory if users want to keep using the products safely. The release comes two weeks after the networking giant issued critical patches for an array of WebEx installments.

Botception with Necurs: Botnet distributes script with bot capabilities | Avast Threat Labs

Over the past few days, we have been analyzing a development with the Necurs botnet – a cybercrime operation dating back to 2012 that quickly became one of the largest spam botnets in the world. We reported on the infamous cybergang responsible for the distribution of global malware campaigns such as “Locky” and “GlobeImposter” in two blog posts (here and here) that explained how malware is spread via Necurs. And now we have seen a new link to that chain with attackers serving brand new files via the same botnet. These files are spreading malicious Visual Basic Scripts (VBScripts) and our analysis suggests that the authors are using the services provided by the Necurs botnet to reach more victims. The ultimate goal of the attackers is to make systems vulnerable to attacks with the ability to steal personal data and to infect them with keyloggers, banking malware, and ransomware.

FacexWorm

Security researchers have caught a Bitcoin-hijacking Chrome extension that only managed to grab one BitCoin transaction before being exposed. Researchers said the malicious extensions used an attack technique that first emerged last year, dubbed FacexWorm, and added that they noticed re-emerging activity earlier this month. FacexWorm propagates in malicious Facebook Messenger messages and only attacks Chrome. Allan Liska, Senior Solutions Architect at Recorded Future has observed this evolved / advancing threat and commented below.

Vulnerabilities Affecting Over One Million Dasan GPON Routers Are Now Under Attack

Two vulnerabilities affecting over one million routers, and disclosed earlier this week, are now under attack by botnet herders, who are trying to gather the vulnerable devices under their control. From a report: Attacks started yesterday, Thursday, May 3, according to Netlab, the network security division of Chinese cyber-security vendor Qihoo 360. Exploitation of these two flaws started after on Monday, April 30, an anonymous researcher published details of the two vulnerabilities via the VPNMentor blog. His findings detail two flaws — an authentication bypass (CVE-2018-10561) and a remote code execution vulnerability (CVE-2018-10562). The most ludicrous of these two flaws is the first, which basically allows anyone to access the router’s internal settings by appending the “?images” string to any URL, effectively giving anyone control over the router’s configuration.

The ‘Race to 5G’ Is Just Mindless Marketing Bullshit

For several years now, wireless carriers have been busy telling anybody who’d listen that fifth-generation (5G) wireless will be a game-changing broadband revolution. Time and time again, their marketing departments have breathlessly insisted that everything from smart cities to next-gen medical care will only be possible through the miracle of 5G connections.

This Week in Security News: Zippy’s and Flynn

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Hawaii-based restaurant Zippy’s suffered a POS data breach. In addition, Uber executive John Flynn argued that user expectations on data protection are rising, but consumers still aren’t implementing the right precautions for their own data safety.