Nightfall InfoSec Round-up: November 8 to November 18
Cyber Attacks & Breaches
Retailer Orvis.com Leaked Hundreds of Internal Passwords (Krebs on Security) November 11th
Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers.
Magento Urges Users to Apply Security Update for RCE Bug (Bleeping Computer) November 11th
Magento’s Security Team urged users to install the latest security update to protect their stores from attempts to exploit a recently reported remote code execution (RCE) vulnerability.
Intel Failed to Fix a Hackable Chip Flaw Despite a Year of Warnings (Wired) November 12th
Researchers revealed new versions of a hacking technique that takes advantage of a deep-seated vulnerability in Intel chips. They’re spins on something known as ZombieLoad or RIDL, an acronym for Rogue In-Flight Data Load; Intel refers to it instead as microarchitectural data sampling, or MDS.
VMware patches five security vulnerabilities (SC Magazine) November 13th
VMware pushed out security updates covering five vulnerabilities that, if exploited, could lead to information disclosure or denial of service.
McAfee antivirus software impacted by code execution vulnerability (ZDNet) November 13th
On Tuesday, the SafeBreach Labs cybersecurity team said that CVE-2019-3648 can be used to bypass McAfee’s self-defense mechanisms, potentially leading to further attacks on a compromised system. The vulnerability exists due to a failure to validate whether the DLLs being loaded have been signed.
Code Execution Vulnerability Found In Symantec Endpoint Protection (Symantec) November 18th
The Symantec Endpoint Protection Local Privilege Escalation (LPE) bug now tracked as CVE-2019-12758 requires potential attackers to have Administrator privileges to successfully exploit the issue. While the threat level of this vulnerability is not immediately apparent, such bugs are commonly rated with medium and high severity CVSS 3.x base scores.
Risks & Warnings
Researchers Find New Approach to Attacking Cloud Infrastructure (Dark Reading) November 11th
A new attack vector exists in cloud providers’ application programming interfaces (APIs), which are accessible through the Internet and give adversaries an opportunity to gain highly privileged access to critical assets in the cloud.
5G has security flaws that could let hackers track your location (MIT Technology Review) November 13th
Security researchers have identified 11 design vulnerabilities with 5G protocols that could expose a user’s location, spoof emergency alerts, track phone activity (calls, texts, or web browsing), or silently disconnect the phone from the network altogether.
Passwords should become a thing of the past. Here’s why (World Economic Forum) November 18th
Over the past decade, the average person’s digital footprint has been exposed to increasing numbers of third parties. Now the average consumer manages over 191 pairs of usernames and passwords.