StarLink Hacks, Ramsomware Extortion, Signal/Twilio Compromise, Hacking Cars and Trac – PSW #752
Larry, Doug, Lee, Josh, and Chris Blask cover the security news!
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
A well regarded figure, Chris has been involved in the ICS and information security industries for more than 25 years, spanning the breadth of the cybersecurity spectrum. He invented one of the first commercial firewall products, built a multibillion-dollar firewall business at Cisco, co-founded an early Security Information and Event Management (SIEM) vendor and co-authored the first book on SIEM. He chairs the Industrial Control System Information Sharing and Analysis Center (ISAC), serves on the Board of Directors for the International Association of Certified ISAOs (Information Sharing and Analysis Organizations) and is involved with a wide range of national and international cybersecurity efforts. Chris lives in Orlando, Florida.
- 1. SpaceX’s Starlink was hacked using a $25 homemade device, researcher warns
- 2. Elon Musk’s SpaceX Starlink internet hacked with $25 homemade device
- 3. Cisco Talos shares insights related to recent cyber attack on Cisco
- 4. How I Hacked my Car - How I Hacked my Car Part 2: Making a Backdoor
- 5. Hacking John Deere Tractors
- 1. Social engineering, computer fraud ruled legally distinct
- 2. NASA wants a 100x upgrade for space computers
- 3. Mozilla finds 18 of 25 popular reproductive health apps leak
- 4. Discord details how it dodged latency with cloudy super-disk
- 5. CS:GO trading site hacked to steal $6 million worth of skins
- 6. Exploit out for critical Realtek flaw affecting many networking devices
- 7. Hackers attack UK water supplier but extort wrong company
- 1. Cybersecurity Toolkit to Protect Elections - The US Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Joint Cyber Defense Collaborative (JCDC), has published a guide for election systems cybersecurity. Designed to help US state and local election officials, the Cybersecurity Toolkit to Protect Elections includes a tool to assess risk profile as well as information about tools and services that can be used to help secure election infrastructure assets.
- 2. CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering - A high severity vulnerability in Palo Alto Networks’ PAN-OS is being actively exploited to conduct reflected and amplified TCP denial-of-service attacks. The URL filtering policy misconfiguration flaw affects six versions of PAN-OS; a fix is available for one of the versions; Palo Alto Networks says it will release updates for the remaining versions of PAN-OS this week.
- 3. A Single Flaw Broke Every Layer of Security in MacOS - Apple has released updates to address a vulnerability that could be exploited by a process injection attack to break multiple levels of Apple security. The issue was discovered by Thijs Alkemade, a researcher from the cybersecurity firm Computest.
- 4. Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks - A vulnerability in the SIP application layer gateway (ALG) included in Realtek's software development kit for its RTL819xD system on a chip devices exposes routers to a simple stack based buffer overflow. Patches are available from Realtek but have not yet been included by all vendors in updated firmware images. This vulnerability is exploitable via a single UDP packet sent to the router even if the web based administrative interface is not exposed.
- 5. Critical Infrastructure at Risk as Thousands of VNC Instances Exposed - Security researchers have warned that countless global organizations might be at risk of remote compromise after discovering more than 8000 exposed VNC servers without passwords.
- 6. Signal accounts hacked: Here’s how to check whether you’re affected - Phone numbers of nearly 1900 Signal users were exposed in a data breach , after Twilio, the company that provides Signal with phone number verification service was hit by a phishing attack during which attackers sent a customer support executive a link that, after being clicked, gave them access to the Twilio customer support system.
- 7. Microsoft Disrupts Russian Cyber-Espionage Group Seaborgium - Microsoft claims to have disrupted a prolific Russian state-backed threat group known for conducting long-running cyber-espionage campaigns against mainly NATO countries. (Callisto Group, ColdRiver, TA446)
- 8. New Windows 10 21H2 build improves ransomware protection and language management - Windows upcoming 21H2 Build 19044.1947 will enhance its built-in antivirus app with enhanced ransomware detection/interception capabilities. [Note: the version 11 update is still being offered for free from the vendor; version 11 has anti-ransomware protection]
- 9. Zoom’s latest update on Mac includes a fix for a dangerous security flaw - Zoom has issued a patch for a bug on macOS that could allow a hacker to take control of a user’s operating system. Apply manual update.
- 10. QBot phishing uses Windows Calculator DLL hijacking to infect devices - Lots of people still use Version 7 of the world’s most popular OS. Hackers understand this – and they developed a nifty piece of malware (aka: Qbot) that leverages how that OS version’s calculator loads .DLL runtime files to infect machines.