- Metacurity
- Posts
- Microsoft Issues Fixes for 87 Flaws Including Bad Bug That Can Be Exploited by Malformed Packet
Microsoft Issues Fixes for 87 Flaws Including Bad Bug That Can Be Exploited by Malformed Packet
Norway blames Russia for Parliament cyberattack, Internet freedom has taken a hit since COVID-19, Cybercriminals are launching attacks at WFH workers using Ofice 365, and more
Microsoft issued updates to fix 87 security problems in Windows and programs that run on top of it as part of Patch Tuesday. Eleven of the vulnerabilities are deemed critical, meaning that an adversary can exploit them to take over a targeted system. The worst problem, CVE-2020-16898, dubbed Bad Neighbor by McAfee, earned 9.8 on the CVSS scoring system and is a bug in Windows 10 and Windows Server 2019 that could be abused to install malware just by sending a malformed packet of data at a vulnerable system.
Another critical bug, flagged by Trend Micro’s Zero Day Initiative, is CVE-2020-16947, which is a flaw with Microsoft Outlook that could result in malware being loaded onto a system just by previewing a malicious email in Outlook. Other Microsoft patches fixed issues in Exchange Server, Visual Studio, .NET Framework, and a number of other core Windows components.
After months of failing to issue a patch for its notoriously problematic Flash player, Adobe issued a single fix for a critical flaw in the product. Successful exploitation of the vulnerabilities could lead to an exploitable crash, potentially resulting in arbitrary code execution in the context of the current user. (Brian Krebs / Krebs on Security)
Related: McAfee, Threatpost, Security Affairs, The State of Security, Qualys Blog, Rapid 7, gHacks, Dark Reading, Talos Intel, ZDNet Security, SANS, The Register - Security, Bleeping Computer, Redmond Magazine, Security - Computing, The Hacker News, SecurityWeek, ComputerWeekly: IT security, TechNadu
Norway Blames Russia for a Cyberattack Against Parliament’s Email System
The government of Norway said it believes Russia was behind an August cyberattack targeting the email system of the country's parliament. In 2018, Norway arrested a Russian national suspected of gathering information on the parliament's internet network but released him several weeks later due to a lack of evidence. In August, Oslo expelled a Russian diplomat discovered in a restaurant meeting a Norwegian national suspected of spying for Moscow. Russia strongly denies Norway’s latest allegation. (Reuters)
Related: Cyberscoop, Security Week, Infosecurity Magazine, Al Jazeera, TASS, Teller Report, ABC.net.au, Sydney Morning Herald, DAILYSABAH
Internet Freedom Has Taken a Hit Since COVID-19 Crisis Began
Global Internet Freedom has been broadly curtailed since the COVID-19 crisis began according to the latest Freedom on the Net report by digital rights watchdog Freedom House. For the 10th consecutive year, users have experienced an overall deterioration in their rights, and the phenomenon is contributing to a broader crisis for democracy worldwide, the report says. Political leaders have used the pandemic as a pretext to limit access to information and to expand surveillance powers and the introduction of intrusive technologies. (Lily Hay Newman / Wired)
Related: Freedom House, New on MIT Technology Review
Other Cybersecurity News
The state of North Carolina has opened a Cybercrime Support Network, a free 2-1-1 cybercrime hotline, one of the first to be launched in the United States, which has been funded by state and federal grants. Victims of cybercrime can call the hotline and connect with trained call specialists who have access to a base of more than 90,000 resources. (Sarah Coble / Infosecurity Magazine)
Cybercriminals are using built-in Office 365 services to launch cyberattacks on COVID-19 stay-at-home workers, researchers at Vectra report. Once attackers are in Office 365, laterally movement into other networks is easier. (Elizabeth Montalbano / Threatpost)Related: PR Newswire, Security Magazine, BetaNews, Vectra
Cybersecurity risk management company Mnemonic discovered a backdoor in a smartwatch made for children branded as Xplora that enables remote and covert surveillance through wiretapping, taking pictures, and location tracking. The backdoor appears to be authored by the manufacturer of the watch, the Chinese technology company Qihoo 360. Xplora claims to have sold more than 350 000 smartwatches for children globally. (Mnemonic)
Half of all virtual appliances have outdated software and serious vulnerabilities, according to a new study by cloud security company Orca Security. Orca scanned more than 2,200 virtual appliance images from 540 vendors that were being distributed through the public marketplaces of common cloud platforms and identified 401,571 vulnerabilities across 2,218 appliances. (Lucian Constantin / CSO Online) Related: SecurityWeek, TechCentral.ie
Miami-based “value-added solutions and technology products” company Intcomex suffered a major data breach, with nearly 1 TB of its users’ data leaked. The leaked data includes credit cards, passport and license scans, personal data, payroll, financial documents, customer databases, employee information and more. The data were leaked on a Russian hacker forum for free. (Bernard Mayer / Cybernews)
Today’s Must-Read
Garrett Graff at Wired has a lengthy profile of Paul Nakasone, the head of NSA and CyberCommand. After 15 years fighting on the cyber front, Naksone is one of the nation’s “elite cyber warriors” and is part of an elite group that determines how the U.S. fights in a virtual realm in the 20th century.
Today’s Must-Watch
Tarah Wheeler, Deviant Ollam, and Doctor Tran appear on MalwareTech’s blog to round out an all-star cybersecurity discussion of recent news including the scheme to stop TrickBot.