Cyber security news August 2019

This posting is here to collect cyber security news in August 2019.

I post links to security vulnerability news to comments of this article.

If you are interested in cyber security trends, read my Cyber security trends 2019 posting.

You are also free to post related links.



  1. Tomi Engdahl says:

    Microsoft has issued a critical warning across all versions of its platforms, including every version of Windows 10, and told users they must act now.

    Let’s see:

    Wormable: yes
    Exploit likelihood: moderate
    Skill to exploit: unknown but assumed intermediate based on previous exploits
    Impact: Severe
    Public POC: no
    Public Exploit: no
    Access level: network
    Unauthenticated: yes
    CVSS: 9.7
    Mitigations: moderately effective

    Enabling NLA can moderately deter by requiring creds but if you can Mimikatz the machine that’s a useless compensating control.

  2. Tomi Engdahl says:

    Biostar security software ‘leaked a million fingerprints’

    Researchers working with cyber-security firm VPNMentor managed to access data from a security tool called Biostar 2.

  3. Tomi Engdahl says:

    Windows operating system contains four new critical wormable, remote code execution vulnerabilities in Remote Desktop Services, similar to the recently patched ‘BlueKeep’ RDP vulnerability.
    Discovered by Microsoft’s security team itself, all four vulnerabilities, CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, and CVE-2019-1226, can be exploited by unauthenticated, remote attackers to take control of an affected computer system without requiring any user interaction.

    The vulnerabilities reside in Remote Desktop Services—formerly known as Terminal Services—and could be exploited by unauthenticated, remote attackers by sending specially crafted requests over the RDP protocol to a targeted system.

    Microsoft also says that the company has found “no evidence that these vulnerabilities were known to any third party,” or being exploited in the wild.

    If left unpatched, these security vulnerabilities could allow attackers to spread wormable malware

    Microsoft August 2019 Patch Tuesday Updates
    Besides these four critical security flaws, Microsoft has also patched 89 vulnerabilities as part of the company’s monthly batch of software security updates for August, 25 of which are rated critical and 64 important in severity.

  4. Tomi Engdahl says:

    This data leak strikes at the heart of one of the big fears and criticism about biometrics: You can change your username and password with a couple of clicks. Your face and fingerprints are forever.

  5. Tomi Engdahl says:

    We checked and yup, it’s no longer 2001. And yet you can pwn a Windows box via Notepad.exe
    Google guru shows how WinXP-era text code grants total control

    Patch Tuesday Software buried in Windows since the days of WinXP can be abused to take complete control of a PC with the help of good ol’ Notepad and some crafty code.

    system’s Text Services Framework, which manages keyboard layouts and text input, could be exploited by malware or rogue logged-in users to gain System-level privileges.

    The flaw, designated CVE-2019-1162, is patched in this month’s Patch Tuesday release of security fixes from Microsoft. The relevant update should be installed as soon as possible.

  6. Tomi Engdahl says:

    In a recent test, facial recognition software incorrectly matched 26 California legislators with mug shots of people who had been arrested. California is considering banning such software from being used with police body cameras.

    About 1 in 5 legislators was erroneously matched to a person who had been arrested when the ACLU used the software to screen their pictures against a database of 25,000 publicly available booking photos.

  7. Tomi Engdahl says:

    Huawei employees reportedly aided African governments in spying

    A new report from The Wall Street Journal could be another damning piece of evidence for a company already under a good deal of international scrutiny. The paper is reporting that technicians working for Huawei helped members of government in Uganda and Zambia spy on political opponents.

  8. Tomi Engdahl says:

    This Hacker Made Clothes That Can Confuse Automatic License Plate Readers

    Designer Kate Rose presented her “adversarial fashion” line of clothing, which introduces garbage data into license plate reader systems, at DEF CON 27

  9. Tomi Engdahl says:

    US Cyber Command has publicly posted malware linked to a North Korea hacking group

    U.S. Cyber Command, the sister division of the National Security Agency focused on offensive hacking and security operations, has released a set of new samples of malware linked to North Korean hackers.

    The military unit tweeted Wednesday that it had uploaded the malware to VirusTotal, a widely used database for malware and security research.

  10. Tomi Engdahl says:

    Why You Should Never Borrow Someone Else’s Charging Cable

    Protect your charging cables like you protect your passwords, say cybersecurity experts.

    “There are certain things in life that you just don’t borrow,” says Charles Henderson, Global Managing Partner and Head of X-Force Red at IBM Security. “If you were on a trip and realized you forgot to pack underwear, you wouldn’t ask all your co-travelers if you could borrow their underwear. You’d go to a store and buy new underwear.”

    Malicious charging cables aren’t a widespread threat at this time, says Henderson, “Mainly because this kind of attack doesn’t scale real well, so if you saw it, it would be a very targeted attack.”

  11. Tomi Engdahl says:

    If you own a device, or a hardware component, manufactured by ASUS, Toshiba, Intel, NVIDIA, Huawei, or 15 other vendors listed below, you’re probably screwed.
    A team of security researchers has discovered high-risk security vulnerabilities in more than 40 drivers from at least 20 different vendors that could allow attackers to gain most privileged permission on the system and hide malware in a way that remains undetected over time, sometimes for years.

  12. Tomi Engdahl says:

    Trend Micro Patches Privilege Escalation Bug in its Password Manager

    Organizations should update to latest build as soon as possible, security vendor says.

  13. Tomi Engdahl says:

    Antisurveillance clothes foil cameras by making you look like a car

    The garments introduced at DefCon are meant to confuse systems that track civilians. Talk about a statement piece.

  14. Tomi Engdahl says:

    Timothy B. Lee / Ars Technica:
    Federal judge rules Georgia will have to fall back to paper ballots if it doesn’t replace its electronic voting machines with a secure system for 2020 election

    Judge orders Georgia to switch to paper ballots for 2020 elections
    Judge finds several serious flaws with Georgia’s current election technology.

    Election security advocates scored a major victory on Thursday as a federal judge issued a 153-page ruling ordering Georgia officials to stop using its outdated electronic voting machines by the end of the year. The judge accepted the state’s argument that it would be too disruptive to switch to paper ballots for municipal elections being held in November 2019. But she refused to extend that logic into 2020, concluding that the state had plenty of time to phase out its outdated touchscreen machines before then.

    The state of Georgia was already planning to phase out its ancient touchscreen electronic voting machines in favor of a new system based on ballot-marking machines.

    “The court’s ruling recognizes that Georgia’s voting machines are so insecure, they’re unconstitutional,” Halderman said in an email to Ars. “That’s a huge win for election security that will reverberate across other states that have equally vulnerable systems.”

  15. Tomi Engdahl says:

    Kaspersky AV injected unique ID that allowed sites to track users, even in incognito mode

    Feature Kaspersky added in 2015 also made it possible to be ID’d across different browsers.

  16. Tomi Engdahl says:

    Customs computers shut down, causing delays at airports nationwide

    UCB had attempted to use a backup system, but now, passengers are being processed manually

    The cause of the shutdown is unknown.

  17. Tomi Engdahl says:

    Researchers Show How Easy It Is to Hijack an IoT Surveillance Feed

    Researchers replaced an IP camera’s real-time footage with pre-recorded video, highlighting the dangers of weak encryption.

  18. Tomi Engdahl says:

    Customs computer system crash causes nationwide airport delays

    The US Customs and Border Protection agency’s computer system experienced a nationwide shutdown Friday — causing major delays and massive lines at airports.

  19. Tomi Engdahl says:

    The specification of Bluetooth includes an encryption key negotiation protocol that allows to negotiate encryption keys with 1 Byte of entropy without protecting the integrity of the negotiation process. A remote attacker can manipulate the entropy negotiation to let any standard compliant Bluetooth device negotiate encryption keys with 1 byte of entropy and then brute force the low entropy keys in real time.

  20. Tomi Engdahl says:

    Facial recognition in King’s Cross prompts call for new laws

    There is growing pressure for more details about the use of facial recognition in London’s King’s Cross to be disclosed after a watchdog described the deployment as “alarming”.

  21. Tomi Engdahl says:

    How uncertainty in the cyber domain changes war

    Uncertainty clouds the cyber domain. The ability to blur where attacks originated raises questions about how to strike back, while cyber weapons are changing the theory of deterrence.

    Discussions swirl throughout the globe about whether cyberattacks constitute acts of war and whether they warrant a military response. In 2011, the Pentagon decided that they would.

    “It’s very easy to say these things; it’s much more different to do these things,”

  22. Tomi Engdahl says:

    An ‘Old-School Hacker’ Fights Cybercrime

    After five years in prison, Kevin Mitnick put on a ‘white hat.’ Now he has advice for companies—and for you—about staying safe online.

  23. Tomi Engdahl says:

    Awful blunder: People’s recent health data ended up at a flea market along with a computer – “This could have caused damage in the millions”

  24. Tomi Engdahl says:

    I Tried Hiding From Silicon Valley in a Pile of Privacy Gadgets

    Avoiding digital snoops takes more than throwing money at the problem, but that part can be really fun.

  25. Tomi Engdahl says:

    Consumers brazenly billed through mobile payments – Telia shut down a service that drew complaints, operators are reviewing their policies

  26. Tomi Engdahl says:

    Cybersecurity conference attendees possibly exposed to IRL virus

    Hackers and cybersecurity researchers who attended this year’s annual Black Hat information security conference in Las Vegas found themselves on the receiving end of the wrong kind of security notification. On Thursday, the Southern Nevada Health District issued a warning stating that individuals in Vegas over the course of the conference may have been exposed to measles.

  27. Tomi Engdahl says:

    Is your CISO really C-Level ?

    There’s a big hype around the title CISO – Chief Information Security Officer.

    From my point of view, not only it is “over used” but also frequently abused

  28. Tomi Engdahl says:

    INTRODUCING the Screen Crab and Signal Owl by Hak5 – 2601

  29. Tomi Engdahl says:

    Judge orders Georgia to switch to paper ballots for 2020 elections
    Judge finds several serious flaws with Georgia’s current election technology.

  30. Tomi Engdahl says:

    This new cryptojacking malware uses a sneaky trick to remain hidden

    ‘Norman’ cryptomining malware was found to have infected almost every system in one organisation during an investigation by security researchers

  31. Tomi Engdahl says:

    Capital One Cyber Staff Raised Concerns Before Hack

    Cybersecurity employees reported what they saw as staffing issues and other problems to bank’s internal auditors, human-resources department and other senior executives

  32. Tomi Engdahl says:

    RIP Hacker Hoodies? Competition Calls for Better Cybersecurity Art

    BY MICHAEL KAN 1 AUG 2019, 7:49 P.M.
    Got a creative idea on how to visualize cyber conflict, hacking, and privacy? A new contest wants your submission. ‘There is a massive opportunity to improve the ways in which cybersecurity is communicated, taught, and visualized,’ say the contest’s sponsors.

    How might we reimagine a more compelling and relatable visual language for cybersecurity?

  33. Tomi Engdahl says:

    AusCERT2019 Day 1 AM Keynote by Mikko Hypponen

    Published 11.6.2019
    ‘Computer Security: Yesterday, Today and Tomorrow’

  34. Tomi Engdahl says:

    Ransomware attack in Texas targets local government agencies

    It appears to have been a coordinated effort.

  35. Tomi Engdahl says:

    This week’s Windows updates fix critical ‘wormable’ flaws but may also break Visual Basic apps, macros, and scripts. What should you do?

    To patch Windows or not: Do you want BlueKeep bug or broken Visual Basic apps?


