This week, hijacking printers to promote a YouTube channel, fake iOS apps that steal money, Google patches 11 critical RCE Android vulnerabilities, the Marriott hack hits 500 million Starwood guests, and getting pwned through an oscilloscope! Jason Wood from Paladin Security joins us for expert commentary to discuss how the "Iceman" hacker was charged with running a drone-smuggling ring from jail!
- Hacker hijacks printers worldwide to promote popular YouTube channel - I'm not going to mention the YouTube channels involved because I believe this is an unethical way to garner attention, and ultimately subscribers, for your YouTube channel: The hacker scanned the Internet for printers with port 9100 open using Shodan and hacked them, publishing a message that invited the victims to unsubscribe from [a competing] channel and subscribe to [their own channel] instead. The attacker used the Printer Exploitation Toolkit (PRET) to compromise vulnerable printers. PRET is a legitimate tool developed by researchers from Ruhr-Universität Bochum in Germany for testing purposes. The case is very singular and raises the discussion about the importance of properly securing Internet-connected devices. Eh, it largely depends on the make, model and firmware revision to determine just what sort of attacks are possible. Sending rogue print jobs to the printer is pretty common across vulnerable printers on the Internet.
- Experts found data belonging to 82 Million US Users exposed on unprotected Elasticsearch Instances - More of this data exposure stuff going on: Experts from HackenProof discovered open Elasticsearch instances that expose data on over 82 million users in the United States. Elasticsearch is a Java-based, open-source search engine built on the Lucene information retrieval library, and it is used by many organizations worldwide. The experts discovered 73 gigabytes of data during a regular security audit of publicly available servers. Using the Shodan search engine they found three IPs associated with misconfigured Elasticsearch clusters. But was the data intended to be public already?
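A quick self-audit for the kind of Elasticsearch exposure described above, written as an added example for this page rather than code from HackenProof or the article: it sends unauthenticated requests to a cluster you administer, classifies the answer, and, if the node is readable without credentials, tallies how many indices, documents and bytes anyone on the Internet could read. The hostname on the command line is a placeholder.

```python
import json
import sys
import urllib.error
import urllib.request

ROOT = "/"  # an open node answers with cluster_name and its tagline
INDICES = "/_cat/indices?format=json&bytes=b"  # one row per index, sizes in bytes

def classify(status, body):
    """Map the status and body of an unauthenticated GET / to a verdict."""
    if status in (401, 403):
        return "auth-required"  # security layer or reverse proxy demands credentials
    if status == 200:
        try:
            info = json.loads(body)
        except ValueError:
            return "not-elasticsearch"
        if "cluster_name" in info and "tagline" in info:
            return "anonymous-read"
    return "unknown"

def summarize_indices(body):
    """Count indices, documents and bytes from /_cat/indices?format=json."""
    rows = json.loads(body)
    # docs.count and store.size come back as strings, and null for closed indices
    docs = sum(int(r.get("docs.count") or 0) for r in rows)
    size = sum(int(r.get("store.size") or 0) for r in rows)
    return {"indices": len(rows), "docs": docs, "bytes": size}

def fetch(base, path):
    """GET base+path without credentials; returns (status, body)."""
    try:
        with urllib.request.urlopen(base + path, timeout=5) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")

def main(base):
    status, body = fetch(base, ROOT)
    verdict = classify(status, body)
    print(f"{base}: {verdict}")
    if verdict == "anonymous-read":
        status, body = fetch(base, INDICES)
        if status == 200:
            print("readable without credentials:", summarize_indices(body))

if __name__ == "__main__":
    main(sys.argv[1].rstrip("/"))  # placeholder host, e.g. http://es.internal.example:9200
```

An "anonymous-read" verdict on a node reachable from outside your network is the misconfiguration the researchers found; the fix is to bind the node to an internal interface and require authentication, not to rely on the obscurity of port 9200.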
- Fake iOS Fitness Apps Steal Money | SecurityWeek.Com - Tricky: The trick used by the fake fitness apps is fairly simple: they ask the user to scan their fingerprint, supposedly for fitness-tracking purposes, but instead use this to activate a dodgy payment mechanism. Once the user complies with the request and places their finger on the iOS device’s fingerprint scanner, a pop-up showing a payment amounting to $99.99, $119.99 or 139.99 EUR is briefly displayed. “This pop-up is only visible for about a second, however, if the user has a credit or debit card directly connected to their Apple account, the transaction is considered verified and money is wired to the operator behind these scams,
- M2M Protocols Expose Industrial Systems to Attacks | SecurityWeek.Com - Some machine-to-machine (M2M) protocols can be abused by malicious actors in attacks aimed at Internet of Things (IoT) and industrial Internet of Things (IIoT) systems, according to research conducted by Trend Micro and the Polytechnic University of Milan. The security firm has analyzed two popular M2M protocols: Message Queuing Telemetry Transport (MQTT), which facilitates communications between a broker and multiple clients, and the Constrained Application Protocol (CoAP), a UDP-based server-client protocol that allows HTTP-like communications between nodes.
- Cisco Patches Critical Bug in License Management Tool - “The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted HTTP POST requests that contain malicious SQL statements to an affected application,” according to the Cisco Security Advisory. “A successful exploit could allow the attacker to modify and delete arbitrary data in the PLM database or gain shell access with the privileges of the postgres user.”
- It's nearly 2019, and your network can get pwned through an oscilloscope - Special-purpose devices such as this tend to have many security vulnerabilities: On Friday, SEC Consult said it had uncovered a set of high-impact vulnerabilities in electronic testing equipment made by Siglent Technologies. In particular, the bug-hunters examined the Siglent SDS 1202X-E Digital line of Ethernet-enabled oscilloscopes and found the boxes were lacking even basic security protections. Among the flaws found by researchers was the use of completely unauthenticated and unguarded TCP connections between the oscilloscopes and any device on the network, typically via the EasyScopeX software, and the use of unencrypted communications between the scope and other systems on the network.
- Dell Resets All Customers' Passwords After Potential Security Breach - On November 9, Dell detected and disrupted unauthorized activity on its network attempting to steal customer information, including names, email addresses and hashed passwords. According to the company, the initial investigation found no conclusive evidence that the hackers succeeded in extracting any information, but as a countermeasure Dell has reset passwords for all accounts on the Dell.com website, whether the data had been stolen or not.
- Marriott hack hits 500 million Starwood guests - You might have heard: The records of 500 million customers of the hotel group Marriott International have been involved in a data breach. The hotel chain said the guest reservation database of its Starwood division had been compromised by an unauthorised party. It said an internal investigation found an attacker had been able to access the Starwood network since 2014. The company said it would notify customers whose records were in the database. Marriott International bought Starwood in 2016, creating the largest hotel chain in the world with more than 5,800 properties.
- Critical Privilege Escalation Flaw Patched in Kubernetes | SecurityWeek.Com - A critical privilege escalation vulnerability has been found in Kubernetes, the popular open-source container orchestration system that allows users to automate deployment, scaling and management of containerized applications. The vulnerability, discovered by Rancher Labs Co-founder and Chief Architect Darren Shepherd, is tracked as CVE-2018-1002105 and it has been assigned a CVSS score of 9.8. It can allow an attacker to escalate privileges by sending specially crafted requests to the targeted server.
- Google Patches 11 Critical RCE Android Vulnerabilities - Android update time! Remote code-execution (RCE) vulnerabilities dominated Google’s December Android Security Bulletin. The flaws are part of a total of 53 unique bugs patched by the Android security team, with a total number of 11 critical bugs – six of which are RCE flaws tied to the operating system’s Media Framework and System components. According to Google, there are no reports that any of the unique bugs have been exploited or abused in the wild. Patches apply to Google’s Pixel and Nexus devices along with flagship Android phones from Samsung, LG, HTC and others. Over-the-air updates will be sent to Google handsets, and update schedules for other device manufacturers and mobile carriers will vary, according to the bulletin.