Cyber security news August 2020

This posting is here to collect cyber security news in August 2020.

I post links to security vulnerability news, with short descriptions, in the comments section of this article.

If you are interested in cyber security trends, read my Cyber security trends 2020 posting.

You are also free to post related links in the comments.


10 Comments

  1. Tomi Engdahl says:

    Hacker leaks passwords for 900+ enterprise VPN servers
    https://www.zdnet.com/article/hacker-leaks-passwords-for-900-enterprise-vpn-servers/

    EXCLUSIVE: The list has been shared on a Russian-speaking hacker forum frequented by multiple ransomware gangs.

    A hacker has published today a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers.

    ZDNet, which obtained a copy of this list with the help of threat intelligence firm KELA, verified its authenticity with multiple sources in the cyber-security community.

    According to a review, the list includes:

    IP addresses of Pulse Secure VPN servers
    Pulse Secure VPN server firmware version
    SSH keys for each server
    A list of all local users and their password hashes
    Admin account details
    Last VPN logins (including usernames and cleartext passwords)
    VPN session cookies

    Reply
  2. Tomi Engdahl says:

    A REUTERS INVESTIGATION
    Rite Aid deployed facial recognition systems in hundreds of U.S. stores
    https://www.reuters.com/investigates/special-report/usa-riteaid-software/

    Reply
  3. Tomi Engdahl says:

    Iranian hacker group becomes first known APT to weaponize DNS-over-HTTPS (DoH)
    Kaspersky says Oilrig (APT34) group has been using DoH to silently exfiltrate data from hacked networks.
    https://www.zdnet.com/article/iranian-hacker-group-becomes-first-known-apt-to-weaponize-dns-over-https-doh/?ftag=CAD-03-10abf6j

    Reply
  4. Tomi Engdahl says:

    DNSExfiltrator is an open-source project available on GitHub that creates covert communication channels by funneling data and hiding it inside non-standard protocols
    https://github.com/Arno0x/DNSExfiltrator

    Reply
  5. Tomi Engdahl says:

    A new technique can detect newer 4G ‘stingray’ cell phone snooping
    https://techcrunch.com/2020/08/05/crocodile-hunter-4g-stingray-cell/?tpcc=ECFB2020

    Security researchers say they have developed a new technique to detect modern cell-site simulators.

    Cell site simulators, known as “stingrays,” impersonate cell towers and can capture information about any phone in their range — including in some cases calls, messages and data. Police secretly deploy stingrays hundreds of times a year across the United States, often capturing the data on innocent bystanders in the process.

    Little is known about stingrays, because they are deliberately shrouded in secrecy. Developed by Harris Corp. and sold exclusively to police and law enforcement, stingrays are covered under strict nondisclosure agreements that prevent police from discussing how the technology works.

    But what we do know is that stingrays exploit flaws in the way that cell phones connect to 2G cell networks.

    Most of those flaws are fixed in the newer, faster and more secure 4G networks, though not all. Newer cell site simulators, called “Hailstorm” devices, take advantage of similar flaws in 4G that let police snoop on newer phones and devices.

    Some phone apps claim they can detect stingrays and other cell site simulators, but most produce wrong results.

    But now researchers at the Electronic Frontier Foundation have discovered a new technique that can detect Hailstorm devices.

    Enter the EFF’s latest project, dubbed “Crocodile Hunter.”

    https://github.com/EFForg/crocodilehunter

    Quintin and fellow researcher Yomna Nasser, who authored the EFF’s technical paper on how cell site simulators work, found that collecting and decoding the MIB and SIB messages over the air can identify potentially illegitimate cell towers.

    https://www.eff.org/deeplinks/2019/07/announcing-gotta-catch-em-all-understanding-how-imsi-catchers-exploit-cell

    Reply
  6. Tomi Engdahl says:

    YouTube bans thousands of Chinese accounts to combat ‘coordinated influence operations’
    https://tcrn.ch/33Id71x

    YouTube has banned a large number of Chinese accounts it said were engaging in “coordinated influence operations” on political issues, the company announced today; 2,596 accounts from China alone were taken down from April to June, compared with 277 in the first three months of 2020.

    Reply
  7. Tomi Engdahl says:

    Hackers say ‘jackpotting’ flaws tricked popular ATMs into spitting out cash
    https://techcrunch.com/2020/08/06/hackers-atm-spit-cash/?tpcc=ECFB2020

    Reply
  8. Tomi Engdahl says:

    Massive 20GB Intel IP Data Breach Floods the Internet, Mentions Backdoors
    https://www.tomshardware.com/news/massive-20gb-intel-data-breach-floods-the-internet-mentions-backdoors

    Anonymous hacker promises more to come soon, too

    A leaker today posted on Twitter a link to a file sharing service that contains what an anonymous source claims is a portion of Intel’s crown jewels: A 20GB folder of confidential Intel intellectual property. The leaker dubbed the release the “Intel exconfidential Lake Platform Release ;).”

    The anonymous leaker claims the hacker “breached” Intel and the files were obtained earlier this year, adding “most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret.” The leaker says more files will be shared soon, and “the future parts of this leak will have even juicier and more classified stuff.”

    Reply
