A selection of this week’s more interesting vulnerability disclosures and cyber security news. It’s been a while since we had reports of a Node.js module repo tainting; this time, though, it appears that it’s Ruby’s turn to suffer, along with Google scoring an own goal. Trust in the code library supply chain shows once again that mistakes can have a wide-ranging impact. I don’t have any solutions. Does anyone?
We’ve seen regular exposure of S3, Elasticsearch and MongoDB instances. In some ways it is understandable (though not defensible) why they might be exposed. What I am utterly amazed at is the discovery of iSCSI exposure! What were they thinking – if they were at all?
Could this be a new angle for the future?
- Undocumented Intel VISA Tech Can Be Abused, Researchers Allege. Researchers at Black Hat Asia said that Intel VISA, an undocumented testing tool, can be abused using previously-disclosed vulnerabilities.
In other news…
- Hackers don’t just want to pwn networks, they literally want to OWN your network and no one knows they’re there (The Register)
- Lazarus Group Widens Tactics in Cryptocurrency Attacks. MacOS users, as well as Windows, are in the cross-hairs, especially those based in South Korea.
- Zero-Day Bug Lays Open TP-Link Smart Home Router. However, an attacker would need to already be on the local network to be successful.
- BEC Scam Gang London Blue Evolves Tactics, Targets. Business email compromise group London Blue is back with evolved email domain spoofing tactics and a newfound interest in targets in Asia.
- Facebook and Amazon are Locked in a Blame Game Over Leaked Data: Who’s Really To Blame? After two databases were discovered leaking Facebook data, Facebook and Amazon are both pointing fingers, but researchers say the onus lies on all parties involved as data collection continues to grow.