Judges say snooper’s charter lacks adequate safeguards around accessing personal data

Appeal court judges have ruled the government’s mass digital surveillance regime unlawful in a case brought by the Labour deputy leader, Tom Watson.

Liberty, the human rights campaign group which represented Watson in the case, said the ruling meant significant parts of theInvestigatory Powers Act 2016 – known as the snooper’s charter – are effectively unlawful and must be urgently changed.

Patch your Adaptive Security Appliance and Firepower Threat Defense code before they’re utterly p0wned

A programming slip in Cisco VPN software has introduced a critical vulnerability hitting ten different Adaptive Security Appliance and Firepower Threat Defense Software products.

The Australian government has suffered what must as one of the most ridiculously embarrassing security breach in its history: cabinet records from five successive governments were sent to a second-hand furniture store.

The trove ended up in the hands of the Australian Broadcasting Corporation (ABC – which is in the process of publishing what it judges safe to publish here).

It appears that someone decided to sell two filing cabinets intact because they’d lost the key (really); the buyer applied a power drill to the locks, and the rest is history.

And what a history it’s turned out to be: for the ABC. The broadcaster says it’s “withheld documents if there are national security reasons, if the information is already public, or to protect the privacy of public servants.”

Vulture South will keep our eyes on the cabinet leaks to look for other snippets of interest to our readers.

Mozilla has patched a nasty security bug in Firefox, affecting versions 56, 57 and 58, and their point updates.

The CVSS-8.8-rated flaw means that if an attacker can get a user to open a malicious document or link, remote code execution becomes a possibility – allowing spyware, ransomware and other nasties to be installed and run.

An advisory from Cisco explains: “The vulnerability is due to insufficient sanitisation of HTML fragments in chrome-privileged documents by the affected software … A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.”

Cybercriminals are using Tor proxies to divert ransomware payments to their own Bitcoin wallets.

Ransomware scammers have long directed victims to payment portals on the Tor network. For those who do not want to or cannot install the Tor browser necessary to pay their ransoms, operators generally direct victims to a Tor proxy such as onion.top or onion.to, which allows users to access the Tor network via standard web browsers.

But, in what appears to be the first such attack of its kind, operators of a onion.top proxy are performing man-in-the-middle attacks to substitute their own Bitcoin payment addresses for those originally specified in selected ransomware strains, net security firm Proofpoint reports.

Double dipping: Diverting ransomware Bitcoin payments via .onion domains
https://www.proofpoint.com/us/threat-insight/post/double-dipping-diverting-ransomware-bitcoin-payments-onion-domains

Cisco informed customers on Monday that updates released for its Adaptive Security Appliance (ASA) software patch a critical vulnerability that can be exploited to gain full control of devices or cause them to reload.

The security hole, tracked as CVE-2018-0101 and assigned a CVSS score of 10, allows a remote and unauthenticated attacker to execute arbitrary code or cause a denial-of-service (DoS) condition.

An update released this week by Mozilla for Firefox 58 patches a critical vulnerability that can be exploited by a remote attacker for arbitrary code execution.

The vulnerability, tracked as CVE-2018-5124, affects Firefox versions 56 through 58 and it has been fixed with the release of Firefox 58.0.1. According to Mozilla, Firefox for Android and Firefox 52 ESR are not impacted. Linux distributions have also started pushing out updated packages that include the fix.

“The vulnerability is due to insufficient sanitization of HTML fragments in chrome-privileged documents by the affected software,”

Computer maker Lenovo has updated Fingerprint Manager Pro for Windows 7, 8, and 8.1 to address several insecure credential storage issues in the software, including the presence of a hardcoded password.

Hackers have been targeting automated teller machines (ATMs) in the United States to make them spill out cash using an attack technique known as “jackpotting.”

As part of the attacks, individuals with physical access to the machines connect to them and “install malware, or specialized electronics, or a combination of both to control the operations of the ATM,” The United States Secret Service revealed in a warning issued on Friday.

The attackers targeted stand-alone ATMs located in pharmacies, big box retailers, and drive thru ATMs, the alert reads. Both individual suspects and large organized groups (both local and international organized crime syndicates) are engaged in such attacks.

The authors of the infamous Dridex banking Trojan have created a sophisticated ransomware family, ESET warns.