Security Flaws & Fixes - W/E - 8/16/19
Adobe Patches CC Software (08/13/2019)
Adobe Systems has released security updates for its software. These patches address vulnerabilities that could allow an attacker to gain control of a system. The Cybersecurity and Infrastructure Security Agency (CISA) noted that patches are available for: After Effects CC, Character Animator CC, Premiere Pro CC, Prelude CC, Creative Cloud Desktop Application, Acrobat and Reader, Experience Manager, and Photoshop CC.
Apple Issues Security Update for SwiftNIO HTTP/2 (08/13/2019)
Apple has issued a security update for SwiftNIO HTTP/2. The version 1.5.0 patch addresses an issue whereby the HTTP/2 server may "consume unbounded amounts of memory when receiving certain traffic patterns," a condition that may lead to "resource exhaustion." The update specifically works to improve buffer-size management.
CERT Warns of HTTP/2 Implementation Flaw (08/14/2019)
The CERT Coordination Center (CERT/CC) has released details regarding vulnerabilities believed to affect HTTP/2 implementations. The group noted that an attacker can exploit these vulnerabilities to cause a denial of service (DoS), consume excessive system resources, and lead a distributed DoS (DDoS) attack. Further info and remediation are available via Carnegie Mellon.
Check Point Research Exposes Vulnerabilities in Modern Cameras (08/15/2019)
Check Point Research issued a warning to owners of modern cameras with USB and Wi-Fi connectivity that their devices may be vulnerable to attack. According to the security research firm, attackers can potentially exploit the Picture Transfer Protocol (PTP) in use by most modern cameras as a vector for unauthorized entry. Check Point noted that critical flaws were found in Canon's EOS 80D DSLR camera, but it believes these vulnerabilities extend to most similarly equipped cameras from a variety of brands. It recommends updating firmware whenever possible, turning off the camera's Wi-Fi when not in use, and avoiding public Wi-Fi networks.
Cisco Releases Security Update (08/12/2019)
Cisco Systems has released new security updates to address vulnerabilities in several of its products. These vulnerabilities, the US Department of Homeland Security (DHS) / CISA noted, can be used to "take control of an affected system." Patches are now available for the Webex Network Recording Player, Enterprise NFV Infrastructure software, IOS XR, Adaptive Security Appliance, and Small Business 220 series of smart switches.
Intel Issues Security Updates (08/13/2019)
Intel issued security updates to address vulnerabilities in several of its products. These weaknesses could allow a hacker to escalate privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the advisories and apply necessary updates for the RAID Web Console, NUC, Authenticate, Driver and Support Assistant, Remote Displays SDK, Processor and Identification Utility for Windows, and Computing Improvement Program.
Kaspersky: Cloud Atlas Threat Updated (08/12/2019)
Kaspersky Lab is reporting that the Cloud Atlas advanced persistent threat (APT), which is also known as "Inception," has enhanced its attack arsenal. The advisory noted that Cloud Atlas now features tools to allow it to avoid detection through standard Indicators of Compromise (IoC), and that the updated infection chain has been spotted in "different organizations" in Eastern Europe, Central Asia, and Russia. Further info is available via the Kaspersky and SecureList Web sites.
Microsoft Patches RCE Vulnerabilities within Remote Desktop Services (08/13/2019)
Microsoft released two patches for Remote Desktop Services. These fixes specifically address RCE (remote code execution) vulnerabilities that it lists as "wormable," or able to be propagated as malware between systems without user interaction. Specific details come via the Microsoft Security Response Center.
Microsoft's August 2019 Patch Tuesday Release Targets 4 Remote Execution Flaws (08/15/2019)
Microsoft published the details of the August edition of its monthly security patch. The Windows maker patched a total of 93 security flaws with this release. The most important of these corrections was a quartet of remote code execution (RCE) bugs fixed in the Windows Remote Desktop Services (RDS) component -- CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, and CVE-2019-1226. The company warned that these issues, if left unpatched, could allow an attacker to remotely take control of a system, and use that system to spread the infection to additional computers. The company recommends that all Windows owners update to the latest patch immediately.
Researchers Demonstrate Biometric Facial-Recognition Bypass (08/12/2019)
It was reported that a flaw in biometrics technology could allow a hacker to crack facial-recognition steps such as those found in Apple FaceID. ThreatPost noted that "researchers" at Black Hat USA 2019 demonstrated an attack using "modified glasses" on the victim's face. The attack employs the "liveness" detection feature, which is a component of biometric authentication that analyzes background noise, response distortion, or focus blur.
Security Researchers Detail Flaws in Six Popular Printer Brands (08/15/2019)
Researchers at security firm NCC Group discovered serious security flaws in six popular printer brands that they claim could lead to hijacked accounts and unauthorized access to local files. While the specific flaws varied from brand to brand and model to model, some of the most common were buffer overflow vulnerabilities leading to remote code execution (RCE) holes, vulnerabilities in the outdated Line Printer Daemon (LPD) protocol, and a lack of account lockout measures to prevent brute force attacks. The affected brands were HP, Lexmark, Brother, Ricoh, Xerox, and Kyocera.
Siemens Explains SCALANCE X, Other Flaws (08/13/2019)
Among nearly a dozen product advisories, Siemens recently reported on a critical flaw within its SCALANCE X brand switches. These switches, it was noted, carry an "exploitable remotely/low skill level" risk, and the flaw can lead to a denial-of-service (DoS) attack. The Cybersecurity and Infrastructure Security Agency (CISA) also confirmed the severity of this issue.