Cyber Bites

CrowdStrike, the cyber security company that uncovered Russian hackers inside the servers of the Democratic National Committee following the 2016 US election, announced plans to list on the Nasdaq exchange on Tuesday.  The California-based company, which was valued at more than $3bn at its last funding round in June, joins the ranks of the so-called “unicorns” that have headed for public markets in 2019. Ride-hailing app Uber listed last week, following in the footsteps of...

Hackers compromised the script used by Best of the Web to display their trust seal on their customers' websites and to add two key logging scripts designed to sniff keystrokes from visitors. As Sanguine Security researcher Willem de Groot found out, "The security seal as sold by @bestoftheweb contains even 2 different keystroke loggers. One was added on Apr 24th, the other last week." After de Groot disclosed his discovery to Best of the Web, the company...

Security researchers have found a new class of vulnerabilities in Intel chips which, if exploited, can be used to steal sensitive information directly from the processor. The bugs are reminiscent of Meltdown and Spectre, which exploited a weakness in speculative execution, an important part of how modern processors work. Speculative execution helps processors predict to a certain degree what an application or operating system might need next and in the near-future, making the app run...

Microsoft released its monthly batch of security updates known as Patch Tuesday, and this month's security release includes fixes for 79 vulnerabilities in a wide range of Microsoft products. The two headliners of this month's patches are CVE-2019-0863, a zero-day vulnerability exploited in the wild, and ADV190013, a security advisory for dealing with the latest wave of Intel CPU flaws that came to light only a few hours before. The zero-day is an elevation of...

Connecticut-based Southeastern Council on Alcoholism and Drug Dependence is notifying 25,148 patients that their data was potentially breached during a February ransomware attack. On February 18, SCADD officials said they discovered some disruptions the network. A review determined a ransomware attack had compromised some of its systems. SCADD worked with a third-party forensics team to investigate. The investigation determined the compromised data included patient names, addresses, Social Security numbers, medical histories, and treatments. Officials said...

The city of Washington’s entire communications system was shut down by a malware attack last week. Now, 11 Investigates uncovered nearly half a dozen local police departments that are dealing with a separate hack involving their records. Whitehall and Munhall police operate independently in just about every way imaginable. But those departments, along with at least three others, are dealing with the same problem: a malware attack on their records systems. Source: WPXI

An unprotected Elasticsearch server was found publicly exposing personally identifiable information belonging to nearly 90% of Panama citizens, a security researcher found last week. Bob Diachenko, cyber threat intelligence director at Security Discovery, found the data sitting in a server, where it was publicly available and visible in any browser. The database held 3.4 million records containing detailed information on Panamanian citizens, labeled "patients," as well as 468,086 records labeled "test-patient." He reports the exposed...

A vulnerability in Cisco routers has massive global implications. To compromise the routers, researchers from the security firm Red Balloon exploited two vulnerabilities. The first is a bug in Cisco’s IOS operating system—not to be confused with Apple's iOS—which would allow a hacker to remotely obtain root access to the devices…The second vulnerability, though, is much more sinister. Once the researchers gain root access, they can bypass the router's most fundamental security protection. Known as...

Hackers were able to remotely install surveillance software on phones and other devices using a major vulnerability in messaging app WhatsApp, it has been confirmed. WhatsApp, which is owned by Facebook, said the attack targeted a "select number" of users, and was orchestrated by "an advanced cyber actor". A fix was rolled out on Friday. The attack was developed by Israeli security firm NSO Group, according to a report in the Financial Times. On Monday, WhatsApp urged...

Hackers have breached analytics service Picreel and open-source project Alpaca Forms and have modified JavaScript files on the infrastructure of these two companies to embed malicious code on over 4,600 websites, security researchers have told ZDNet. Source: ZDNet