Security News: October 24, 2019 – PSW #624

 

 

In the Security News, we discuss how Amazon Echo and Kindle devices were affected by a WiFi bug, how ransomware and data breaches are linked to an uptick in fatal heart attacks, how a woman was ordered to type in her iPhone password so police could search the device, and how the military found marijuana at a North Dakota nuclear launch facility!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Security News: October 24, 2019

Paul’s Stories

  1. Marijuana found at North Dakota nuclear launch facility
  2. Pot smokers, take note: THC breathalyzers are coming
  3. Top 5 ways organizations can secure their IoT devices
  4. Microsoft: Packet loss involving Apple Push Notification Service was latest MFA outage culprit | ZDNet
  5. Deepfakes creep from porn to politics could upend election, experts warn
  6. Ransomware and data breaches linked to uptick in fatal heart attacks
  7. Woman ordered to type in iPhone passcode so police can search device
  8. Vatican launches smart rosary complete with brute-force flaw
  9. Cracking: The Chinese Python Way
  10. UBoat – Proof Of Concept PoC HTTP Botnet Project
  11. IoTopia Framework Aims to Bring Security to Device Manufacturers
  12. Top five tips for building smarter enterprise security – Help Net Security
  13. How to Avoid the Top Three Causes of Data Breaches in 2019
  14. Blue Team Cyber Anxiety
  15. Some ICS Security Incidents Resulted in Injury, Loss of Life: Survey | SecurityWeek.Com
  16. Vulnerability in content distribution networks found by researchers
  17. 5 tips for better cybersecurity
  18. Google Patches More High-Value Chrome Sandbox Escape Vulnerabilities | SecurityWeek.Com
  19. White House kicks infosec team to curb in IT office shakeup

Lee’s Stories

  1. Cozy Bear Didn’t Hibernate as Previously Thought – APT29 is deploying the CobaltStrike BEACON backdoor using a legitimate Department of State document.
  2. Critical Flaw in Cisco Aironet APs – The CVE-2019-15260 flaw in Aironet 1540, 1560, 1800, 2800, 3800 & 4800 can be exploited to achieve remote access to the devices. Patches issued.
  3. Amazon Echo and Kindle Devices Affected by WiFi Bug – 1st generation Echo devices and eighth generation Kindle devices are vulnerable to the KRACK attack (CVE-2017-13077 & CVE-2017-13078). Fixes were released earlier this year; verify devices are updated.
  4. Most Critical Vulnerabilities Discovered in 2019 so far – NetCAT, URGENT/11, SWAPGS, BlueKeep, Thangrycat, SACK Panic, SPOILER, SockPuppet, RAMBleed, Lodash Prototype Pollution, ZOMBIEPOODLE & GOLDENDOODLE, DIRTY SOCK, Thunderclap and Pantsdown.
  5. Bluetooth Hacking Techniques you should know about – Bluebugging, Bluejacking, Bluesnarfing and Btlejacking: know what they are and how they are leveraged to steal your data.
  6. Eager iOS Jailbreakers Tricked into Click Fraud – Fake web site offers “Checkrain” (based on Checkm8) jailbreak, has users install an MDM profile and play the provided “Pop! Slots” to complete level 8.
  7. Mission Health Store Hijack Undetected for Years – The Asheville, N.C. Mission Health website was infected with card skimming malware from March 2016 through June 2019. Site completely rebuilt.
  8. Researcher publishes POC Exploit for Android Zero-Day – Exploit published for CVE-2019-2215, affecting Pixel 2 and providing kernel level access with an easy step to root. Google purportedly fixed it in the October 2019 patch release.
  9. Avast Hacked: Intruder Gained Domain Admin – Apparently single-factor VPN credentials were stolen, and the access was mistaken for a false positive. Avast has engaged a third-party forensic company. Apparently it was an attempt to further compromise CCleaner users.
  10. US Military Personnel Data Exposed – Unsecured Elasticsearch databases in AWS with 179G of data from “Autoclerk” exfiltrated. Travel sites impacted: OpenTravel, HAPI Cloud, Synxis.

Hosts

Lee Neely – Senior Cyber Analyst
Matt Alderman – CEO
Paul Asadoorian – Founder & CTO

Guests

Announcements

  • We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will receive 1 CPE credit per webcast! Register for one of our upcoming webcasts with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts. If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand.