CyberSecurity Pulse 2016-04-14

"If you had to identify, in one word, the reason why the human race has not achieved, and never will achieve, its full potential, that word would be ‘meetings’."
Dave Barry – American humorist

Analyst Insight

Badlock: When Expectations Exceed Reality

This Tuesday, 12 April, the details of the vulnerability known as Badlock were finally released. As if it were a new product, this vulnerability, which already had a release date, a website and a logo for three weeks, has drawn many comments in the community, for reasons related more to the way it was published than to the content itself.

From a technical point of view, the vulnerability affects the authentication process that Microsoft implements over the SMB protocol, allowing privilege escalation by attackers who have previously managed to perform a man-in-the-middle attack. Versions of Microsoft's operating system from Windows Vista onward need to be updated, along with Samba versions 3.6.x and later (Samba is open-source software that integrates Linux or Unix servers and Windows computers across a network).

Although it is a serious vulnerability, the fact that Badlock needs to be exploited in conjunction with an RCE exploit to be considered critical has led to widespread disappointment among security experts. Many agree that attempts have been made to compare this vulnerability in terms of severity to others such as Heartbleed or Poodle, reinforcing the opinion of those who associated Badlock with marketing hype more than security awareness.


Top Stories

Experts Examine Mossack Fonseca Breach

Nearly a week after the Panamanian law firm Mossack Fonseca sent an alert to its clients announcing that the firm's email server had been breached, it has been confirmed that Mossack Fonseca's main website currently runs an outdated version of Revolution Slider, a WordPress plugin that could grant a remote attacker a shell on the web server, said Feedjit CEO Mark Maunder. Maunder stated that his team assessed Mossack Fonseca's IP history and discovered that the firm's website IP was on the same network as its mail servers. The law firm's website was wide open until a month ago, and it would have been "trivially easy" to get into their systems.

» More information at Security Affairs

Forensic Firm that Unlocked Terrorist's iPhone 5C Is Close to Cracking iPhone 6

The FBI did not want to disclose the identity of the company that helped them access the San Bernardino iPhone, but it is believed that the Israeli firm Cellebrite may be behind that help. Now, Cellebrite is reportedly "optimistic" about hacking the iPhone 6 in order to help an Italian man named Leonardo Fabbretti get access to the phone of his dead son. If Cellebrite manages to gain access, the company will undoubtedly sell its tool to FBI agents to solve their several pending cases.

» More information at The Hacker News


Rest of the Week's News

WordPress Sets Up Default HTTPS Encryption for Custom Domains

WordPress has turned on HTTPS encryption for every custom domain hosted on wordpress.com. The publishing platform started working with the certificate authority Let's Encrypt to launch a beta rollout of HTTPS earlier this year.

» More information at SC Magazine
 

Bribery Helped Criminals Whitelist Malware in Chinese Antivirus Product

According to Feixiang He, a security researcher with the Check Point Research Team, the attack was extensive, with cybercriminals bribing employees of a Chinese gaming company into including their malware among the legitimate apps sent to Qihoo 360.

» More information at SC Magazine
 

How to Decrypt Petya Ransomware

In this case, you can unlock your infected computer without paying the ransom. To use Leostone's password generator tool, victims must remove the startup drive from the Petya-affected computer and connect it to another Windows computer that is not infected.

» More information at The Hacker News


Further Reading

Cyber Justice Team Claims a Massive Data Leak from the Syrian Gov

» More information at Security Affairs

Bug Bounty Program Is Becoming More Popular in Japan

» More information at Security Affairs
 

CCTV Cameras Sold on Amazon Come with Pre-Installed Malware

» More information at The Hacker News

