Remote access

Z-Wave, SSD, Singapore ISP, and VPN Filter Malware Risk – Hack Naked News #175

May 29, 2018
This week, net neutrality and what it really means, QRadar vulnerability, trying to secure your mobile device, when Z-Wave attacks, routers are open to attack because of your ISP, Starbucks and XSS, Despacito hackers arrested, rebooting your routers, and more! Daniel Lowrie from ITPro.TV joins us for expert commentary this week, and more on this episode of Hack Naked News!

Security News

  1. Why Is Your Location Data No Longer Private? Krebs on Security - Great article from Brian, I like this part as it clarifies what is actually happening: When the FCC’s repeal of the net neutrality rules takes effect on June 11, 2018, broadband providers will once again be regulated by the Federal Trade Commission (FTC). That power was briefly shared with FCC when the agency under the Obama administration passed its net neutrality rules with the assumption that it could regulate broadband providers like telecommunications companies. It remains to be seen how, or if, the FTC will regulate ISPs.
  2. SSD Advisory QRadar Remote Command Execution SecuriTeam Blogs - Multiple vulnerabilities in QRadar allow a remote unauthenticated attacker to cause the product to execute arbitrary commands. Each vulnerability on its own is not as strong as their chaining – which allows a user to change from unauthenticated to authenticated access, to running commands, and finally running these commands with root privileges. A patch has been issued by IBM, the link is in the article.
  3. Securing Mobile Devices During Summer Travel | US-CERT - As summer begins, many people will travel with their mobile devices. Although these devices—such as smartphones, tablets, and laptops—offer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them. The guidelines include some basic advice, although noticeably missing is keeping your device up-to-date, in addition to all of your apps, making sure your phone is encrypted, using a secure messaging app like Signal, and protecting your device with a passcode/fingerprint/facial recognition.
  4. Z-Wave Downgrade Attack Left Over 100 Million IoT Devices Open to Hackers - Even after Silicon Labs, the company that owns Z-Wave, made it mandatory for certified IoT devices to use the latest S2 security standard, millions of smart devices still support the older insecure version of the pairing process, called the S0 framework, for compatibility. And a research company found it could trick devices into falling back on the older, and less secure, protocol.
  5. Singapore ISP Leaves 1,000 Routers Open to Attack - Southeast Asian telecom giant Singapore Telecommunications Limited left approximately 1,000 customer routers wide open to a potential attack via an unprotected port. The flub occurred after the region’s largest ISP conducted remote maintenance on affected routers and failed to secure equipment when the work was complete, according to NewSky Security. Just making sure that this practice is still in play, and a note to ISPs NOT to do this, ever.
  6. Starbucks site slurped, Z-Wave locks clocked, mad Mac Monero mining malware and much more - XSS is still floating around, despite so many methods and techniques for protecting against it: Researcher Martin Bajanik discovered a cross site scripting bug that was present on the Starbucks UK website. The now-patched bug would have allowed an attacker to inject malicious JavaScript into the browsers of people visiting the cafe chain's online store, though Bajanik says an actual exploit would have been hard to pull off.
  7. French teens charged over Despacito hack - Two 18-year-old French citizens have been charged in Paris following a hack of popular music videos on YouTube. The hackers targeted a string of videos last year, including the hit song Despacito - the most-watched YouTube music video of all time. They did this through Vevo, a music hosting service, and this is reportedly not the first time the company has been breached.
  8. FBI Recommends Router Reboots to Limit VPNFilter Malware Risk - In many cases, the reason why power-cycling or rebooting a system works is because it will remove non-stateful code that is running in a device's memory and return the device to a default status. When it comes to malware, there has been a growing trend in recent years for attacks to make use of what is known as "file-less malware"—malware that resides in memory and doesn't use a specific malware executable that is stored on disk in order to run. The vulnerabilities will, of course, still exist. And the VPNFilter malware exploits known vulnerabilities, so also make sure you patch your devices.