Securezoo Cybersecurity Threat Center
Latest Patches and Security Updates
Latest cyber threats, vulnerabilities, data breaches and security updates
Thursday October 19, 2017:
Cisco released security updates to fix vulnerabilities in several products, including Cloud Services Platform 2100, Cisco FXOS and NX-OS System Software, and Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones. For the latter, the update addresses a SIP Denial of Service Vulnerability that could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. See the US-CERT advisory for more details.

Trend Micro released new information on Locky ransomware trends this year and more recent activities that continue to make it a relevant and credible threat to organizations of all sizes. Trend Micro says that large-scale spam campaigns continue to be the highest threat vector, while Cerber continues to use exploit kits as an attack vector.

In case you missed it, ZDNet released good information on patches and updates available from a number of vendors to address KRACK vulnerabilities. Vendors include Apple, Aruba, Cisco, Fortinet, Netgear and many others. 

Wednesday October 18, 2017:
A China-linked cyber espionage group has been targeting organizations in the United States with spear phishing emails carrying malicious documents designed to exploit a previously patched .NET Framework Remote Code Execution Vulnerability (CVE-2017-8759). The attacks were observed by Proofpoint as recently as mid-September, shortly after the vulnerability was reported by FireEye and patched by Microsoft on September 12. The targeted organizations include a U.S. shipbuilding company and a university research center with ties to the U.S. military, SecurityWeek reports.

Google has released Chrome 62 (62.0.3202.62) for Windows, Mac and Linux to address multiple vulnerabilities. The update includes fixes for 8 high severity vulnerabilities reported by external security researchers. 

The Internet Crime Complaint Center (IC3) has issued a threat alert to individuals and businesses about the cyber security exploitation risks involved with the Internet of Things (IoT). 

Tuesday October 17, 2017:
Adobe has released a security update for Flash Player (APSB17-32) to fix a critical type confusion vulnerability (CVE-2017-11292) being exploited in the wild. An exploit of the vulnerability could lead to code execution.

Google and ESET have teamed up to provide a basic antivirus for Chrome with the latest upgrade to Chrome Cleanup. Philippe Rivard, Product Manager of Chrome Cleanup, described the new capabilities in a blog post Monday:
"We upgraded the technology we use in Chrome Cleanup to detect and remove unwanted software. We worked with IT security company ESET to combine their detection engine with Chrome’s sandbox technology. We can now detect and remove more unwanted software than ever before, meaning more people can benefit from Chrome Cleanup. Note this new sandboxed engine is not a general-purpose antivirus—it only removes software that doesn’t comply with our unwanted software policy."

Monday October 16, 2017:
Security researchers have discovered serious weaknesses and a total breakdown in WPA2, a security protocol used to secure protected Wi-Fi networks. An attacker within range of a victim's Wi-Fi device could exploit these weaknesses using key reinstallation attacks (KRACKs). The vulnerabilities lie in the WPA2 protocol's four-way handshake, which is used to confirm that both the client and access point possess the correct pre-shared password needed to join the network. The attack could consequently be used to decrypt all data transmitted by the victim and steal sensitive information such as credit card numbers, passwords, chat messages, emails and photos. Depending on configuration, it is also possible for hackers to inject ransomware and manipulate data.

According to Mathy Vanhoef, one of the researchers who discovered the attack, the vulnerabilities affect Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others. However, Vanhoef said the key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher, which can be tricked into (re)installing an all-zero encryption key.

The researchers also include good FAQs about the attack and guidance from the Wi-Fi Alliance to help remedy the discovered vulnerabilities in the future. Guidance will include a new vulnerability detection tool, vendor patch updates (as they are released) and communication of the importance of updating Wi-Fi devices as soon as updates are available.

Pizza Hut informed customers on October 14 of a data breach involving an “unauthorized third party intrusion” on its website. The window of intrusion appeared to be small, about 28 hours between October 1 and 2, for users who made online orders using its website or mobile application, Tripwire reports.