SecurityInsider
Le blog des experts sécurité Wavestone

CERT-W: Cybersecurity watch of events from October 21st



You will find below our weekly report on cybersecurity news. Use this brief compilation to support your coffee break small talk!

Cybercrime watch

A man has been sentenced for a 12-year jail time for compromising the Los Angeles court's information system

The attacker leveraged the fact that he was inside the information system to launch a massive phishing campaign on 2 million targets. Federal authorities have been able to arrest the attacker based on the email address used to extort money.

German company Pilz hit by a ransomware attack

The information system of a major captors and command systems provider has been hit by the BitPaymer. There has been no impact on production so far, but all workstation have been removed from the company network for more than a week.

Vulnerability watch

Two major vulnerabilities have been patched in Kubernetes

A critical security update in Kubernetes now protects agains two high-score CVE (2019-16276 and 2019-11253). User must update to the 1.14.8, 1.15.5 or 1.16.2 version.

Amazon products Echo and Kindle vulnerable to Wi-Fi attacks

According to ESET, the KRACK attack (Key Reinstallation Attack) can be used agains the Amazon Echo or the 8th generation Kindle. This attack would allow decrypting the communication or at least perform a denial of service attack.

Weekly top

The top leak - Part of the US gouvernment and military personal data has leeked online

The Autoclerk booking system (used by the Best Western hotel chain) has been the target of a 179GB data leak. Information about the whereabouts and travel plans of US military and gouvernement VIP were present in this leak.

The top exploit - According to security researchers, Google Home and Alexa can be used to spy on their owners

SRLab, a German lab, has highlighted the existence of applications (Skills for Alexa and Actions for Google Home) that would allow eavesdropping on the commands send to the vocal assistants.

The top attack - A NordVPN server has been hacked in 2018

A Finnish VPN provider's server has been compromised in 2018, allowing the usurpation of the nordvpn.com domain as well as the decryption of VPN traffic. The attack was made possible due to the exposure of an administration service online.

Software version watch

Software
Current version
Adobe Flash Player
Adobe Acrobat Reader DC
Java
Mozilla Firefox
Google Chrome
VirtualBox
CCleaner

Vincent CHARRETIER

Aucun commentaire:

Enregistrer un commentaire