Security Alerts & News
by Tymoteusz A. Góral

History
#1739 Siemens-branded CCTV webcams require urgent firmware patch
Siemens-branded IP-based CCTV cameras are the latest internet-connected devices to be found vulnerable to hacking attacks.

In this particular instance, according to a security advisory issued by Siemens, the vulnerability – known as CVE-2016-9155 – could be remotely exploited by malicious attackers to trick CCTV cameras into revealing admin passwords:

"The latest update for SIEMENS-branded IP-based CCTV cameras fixes a vulnerability that could allow a remote attacker to obtain administrative credentials from the integrated web server."

Until patches can be applied, restricting access to the integrated web server with appropriate mechanisms is recommended.
#1738 Ransomware abusing encrypted chat app Telegram protocol cracked
Ransomware which abuses the Telegram app API has been stopped in its tracks only weeks after discovery.

The malware, TeleCrypt, is typical ransomware in the way that the malicious code operates. If Russian-speaking victims accidentally run and execute the software -- potentially through malicious downloads or phishing attacks -- TeleCrypt will encrypt a system and throw up a warning page blackmailing the user into paying a 'ransom' to retrieve their files.

In this case, victims are faced with a demand for 5,000 rubles ($77) for the "Young Programmers Fund."
#1737 Great. Now even your headphones can spy on you
Cautious computer users put a piece of tape over their webcam. Truly paranoid ones worry about their devices’ microphones—some even crack open their computers and phones to disable or remove those audio components so they can’t be hijacked by hackers. Now one group of Israeli researchers has taken that game of spy-versus-spy paranoia a step further, with malware that converts your headphones into makeshift microphones that can slyly record your conversations.

Researchers at Israel’s Ben Gurion University have created a piece of proof-of-concept code they call “Speake(a)r,” designed to demonstrate how determined hackers could find a way to surreptitiously hijack a computer to record audio even when the device’s microphones have been entirely removed or disabled. The experimental malware instead repurposes the speakers in earbuds or headphones to use them as microphones, converting the vibrations in air into electromagnetic signals to clearly capture audio from across a room.

“People don’t think about this privacy vulnerability,” says Mordechai Guri, the research lead of Ben Gurion’s Cyber Security Research Labs. “Even if you remove your computer’s microphone, if you use headphones you can be recorded.”
#1736 WordPress plugins leave Black Friday shoppers vulnerable
Researchers are calling into question the safety of some of the top WordPress e-commerce plugins used on over 100,000 commercial websites prepping for Black Friday and Cyber Monday online sales.

In reviewing the top 12 WordPress e-commerce plugins, application security testing firm Checkmarx found four with severe vulnerabilities tied to reflected XSS (cross-site scripting), SQL injection and file manipulation flaws.

“If these vulnerabilities are exploited, users of over 135,000 websites could find their personal data, including credit card information, threatened,” according to Checkmarx’s analysis of the plugins, published Tuesday.

One of the four plugins contained three vulnerabilities, the other three contained one each.
#1735 Exploit code released for NTP vulnerability
A researcher has released a proof-of-concept exploit for a vulnerability in the Network Time Protocol daemon that could crash a server with a single, malformed packet.

The Network Time Foundation’s NTP Project on Monday patched the bug and nine others with the release of NTP 4.2.8p9.

The vulnerability affected NTP 4.2.7p22 up to NTP 4.2.8p9, and ntp-4.3.0 up to, but not including ntp-4.3.94, researcher Magnus Stubman said.

Stubman released an exploit on Monday that crashes the NTP daemon and creates a denial-of-service condition.
#1734 Elegant 0-day unicorn underscores “serious concerns” about Linux security
Recently released exploit code makes people running fully patched versions of Fedora and other Linux distributions vulnerable to drive-by attacks that can install keyloggers, backdoors, and other types of malware, a security researcher says.

One of the exploits—which targets a memory corruption vulnerability in the GStreamer framework that by default ships with many mainstream Linux distributions—is also noteworthy for its elegance. To wit: it uses a rarely seen approach to defeat address space layout randomization and data execution prevention, which are two of the security protections built in to Linux to make software exploits harder to carry out. ASLR randomizes the locations in computer memory where software loads specific chunks of code. As a result, code that exploits existing flaws often results in a simple computer crash rather than a catastrophic system compromise. Meanwhile, DEP, which is often referred to as NX or No-Execute, blocks the execution of code that such exploits load into memory.
#1733 Cisco: Security landscape plagued by too many vendors
Vendor saturation is one of the biggest challenges currently plaguing the cybersecurity market, according to system engineer security for Cisco Systems Ronny Guillaume, who is concerned that organisations are surrounded by too much noise to truly understand what it is they actually need to protect their business.

"Studies have shown that companies have up to 70 different security vendors installed and in their company to solve problems," he said.

"Now imagine if you had to go and look at 70 different security products and understand what's going on within your specific network -- it's almost impossible."

Speaking in Sydney on Tuesday, Guillaume pointed to the data breach that plagued US discount retail giant Target nearly three years ago.
#1732 InPage zero-day used in attacks against banks
A zero-day vulnerability in InPage publishing software used primarily in Urdu, Pashto and Arabic-speaking nations has been publicly exploited in attacks against financial institutions and government agencies in the region.

While there are more than 10 million InPage users in Pakistan and India alone, there are a significant number of users in the U.S., U.K. and across Europe as well.

Researchers at Kaspersky Lab today disclosed the vulnerability after a number of attempts to privately report the bug to InPage were ignored.