Nightfall InfoSec Round-up: November 8 to November 18
Cyber Attacks & Breaches
Retailer Orvis.com Leaked Hundreds of Internal Passwords (Krebs on Security) November 11th
Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers.
Magento Urges Users to Apply Security Update for RCE Bug (Bleeping Computer) November 11th
Magento’s Security Team urged users to install the latest released security update to protect their stores from exploitation attempts trying to abuse a recently reported remote code execution (RCE) vulnerability.
Intel Failed to Fix a Hackable Chip Flaw Despite a Year of Warnings (Wired) November 12th
Researchers revealed new versions of a hacking technique that takes advantage of a deep-seated vulnerability in Intel chips. They’re spins on something known as ZombieLoad or RIDL, an acronym for Rogue In-Flight Data Load; Intel refers to it instead as microarchitectural data sampling, or MDS.
VMware patches five security vulnerabilities (SC Magazine) November 13th
VMware pushed out security updates covering five vulnerabilities that if exploited could lead to information disclosure or a denial of service situation.
McAfee antivirus software impacted by code execution vulnerability (ZDNet) November 13th
On Tuesday, the SafeBreach Labs cybersecurity team said that CVE-2019-3648 can be used to bypass McAfee’s self-defense mechanisms, potentially leading to further attacks on a compromised system. The vulnerability exists due to a failure to validate whether or not loading DLLs have been signed.
Code Execution Vulnerability Found In Symantec Endpoint Protection (Symantec) November 18th
The Symantec Endpoint Protection Local Privilege Escalation (LPE) bug now tracked as CVE-2019-12758 requires potential attackers to have Administrator privileges to successfully exploit the issue. While the threat level of this vulnerability is not immediately apparent, such bugs are commonly rated with medium and high severity CVSS 3.x base scores.
Risks & Warnings
Researchers Find New Approach to Attacking Cloud Infrastructure (Dark Reading) November 11th
A new attack vector exists in cloud providers’ application programming interfaces (API), which are accessible through the Internet and give adversaries an opportunity to take advantage and gain highly privileged access to critical assets in the cloud.
5G has security flaws that could let hackers track your location (MIT Technology Review) November 13th
Security researchers have identified 11 design vulnerabilities with 5G protocols that could expose a user’s location, spoof emergency alerts, track phone activity (calls, texts, or web browsing), or silently disconnect the phone from the network altogether.
Passwords should become a thing of the past. Here’s why (World Economic Forum) November 18th
Over the past decade, the average person’s digital footprint has been exposed to increasing numbers of third parties. Now the average consumer manages over 191 pairs of usernames and passwords.
Receive the next edition of Nightfall’s InfoSec Roundup directly via email by subscribing here.
Stuart McClure, CEO and founder of Cylance as well a Nightfall Investor talks about his what sparked his interest in information security as well as how he built prominent security companies like Foundstone and Cylance, the latter of which was acquired by Blackberry for $1.4 billion last year. Stuart shared his thoughts on the importance of AI in cloud security as well as what it takes to innovate in the infosec space.
With Zoom and Slack being used together, there's increased likelihood for Zoom invitations to be shared internally with Slack members who are not authorized to attend these meetings. Learn how Nightfall is addressing the issue.
Enrique Salem, Partner at Bain Capital Ventures & Nightfall board member, shares his thoughts on the COVID-19 pandemic's impact on information security programs as well as advice that's gotten him through his long and distinguished career in the industry.
The complexity of modern information security means that security is no longer just an IT issue. DLP is the responsibility of everyone in your company. Learn how to pick the right solution with this guide.