Breach CVE Cyber Security Data leak DDoS Hacking Ransomware Vulnerability Zero-day

440K ProctorU user records published after breach, Qualcomm, MediaTek Wi-Fi chips hit by KrØØk, and more

Major cybersecurity events on 7th August 2020 (Morning Post): Netwalker ransomware operators claims to have breached the networks of Forsee Power. New side-channel attacks target Intel, ARM, IBM, AMD processors. Smart lock IoT devices opened with just Mac addresses.

Round Up of Major Breaches and Scams

Online Exam Tool Suffers Data Breach

An investigation is under way into a data breach that impacted an online examination tool used by educational establishments around the world. The breach affected users of software made by American company ProctorU to provide live and automated online proctoring services for academic institutions and professional organizations. According to Honi Soit, a database of 440,000 ProctorU user records was published by hacker group ShinyHunters over the past week along with hundreds of millions of other user records.

Round Up of Major Malware and Ransomware Incidents

Netwalker ransomware operators claim to have stolen data from Forsee Power

Netwalker ransomware operators breached the networks of Forsee Power, a well-known player in the electromobility market. A new company has been added to the list of the victims of the Netwalker ransomware operators, it is Forsee Power, which provides advanced lithium-ion battery systems for any mobility application. The industrial group is based in France and in the US USA, it is one of the market leaders in Europe, Asia, and North America with annual revenue of around $65 million and over 200 employees.

Round Up of Major Vulnerabilities and Patches

Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks

Discovery of several new attacks exploiting the underlying root cause, including an address-translation attack in more restricted contexts, direct leakage of register values in specific scenarios, and an end-to-end Foreshadow exploit targeting non-L1 data. A novel cross-core covert channel attack that, in some instances, could let attackers observe caching of the address (or value) stored in a register without relying on shared memory.

KrØØk attack variants impact Qualcomm, MediaTek Wi-Fi chips

Qualcomm and MediaTek Wi-Fi chips were found to have been impacted by new variants of the KrØØk information disclosure vulnerability discovered by ESET researchers Robert Lipovský and Štefan Svorenčík. KrØØk, tracked as CVE-2019-15126, can be used by attackers to decrypt some WPA2-encrypted wireless network packets transmitted by vulnerable devices after successful exploitation by forcing them to use all-zero encryption keys to encrypt part of the exchanged traffic.

The Long Shadow of Stuxnet: New Microsoft Print Spooler Vulns Revealed

Researchers Peleg Hader and Tomer Bar of SafeBreach share details of the three vulnerabilities they found in Windows Print Spooler that could allow an attacker to sneak into the network through an old printer service mechanism.

High-Severity Cisco DoS Flaw Plagues Small-Business Switches

Cisco recently patched the high-severity flaw, which could allow remote, unauthenticated attackers to launch DoS attacks against its popular small business switches. Cisco is warning of a high-severity flaw that could allow remote, unauthenticated attackers to cripple several of its popular small-business switches with denial of service (DoS) attacks. The vulnerability stems from the IPv6 packet processing engine in the switches. IPv6 (also known as Internet Protocol version 6) is the most recent version of the Internet Protocol (IP).

Smart locks opened with nothing more than a MAC address

A smart lock sold by major US retailers could be opened with no more than a MAC address, researchers say. Smart locks have slowly been adopted as an intelligent, Internet of Things (IoT) alternative to traditional lock-and-key methods to securing a property. Complementing other IoT devices including wireless doorbells, smart locks and deadbolts are used by the general public to secure their homes, and they also have business use cases — such as when properties are listed on Airbnb, as they can be remotely managed by hosts who do not have to organize a key handover on-site to guests.

Black Hat: Hackers are using skeleton keys to target chip vendors

Targeted attacks against semiconductor companies in Taiwan may not be well-known, but this does not mean the ripple effect of a successful hack would not be felt worldwide. Over the past decade, Taiwan has slowly established itself as a hotbed for chip companies in both development and production. Taiwan Semiconductor Manufacturing Company (TSMC) is a major player in the field and over time, the market value of the overall semiconductor and equipment manufacturing sector in the country has increased.