Round Up of Major Cyber Security News
JailCore App exposes inmates’ details on unsecured S3 bucket
JailCore, a cloud-based correctional facility management and compliance application, has left inmate details exposed on an unsecured Amazon S3 bucket. The 36,000 exposed PDF files could be accessed without a password. The files contained inmates’ information, including personal identifiers and prescription records. This exposed data could potentially be used to design phishing attacks and stigmatize prisoners.
Microsoft previews feature that protects docs opened outside ‘Protected View’
Microsoft has released the ‘Safe Docs’ feature for public preview. Safe Docs is an Office 365 ProPlus security feature that will detect malware even if an Office document is opened outside the Protected View sandbox. The feature aims to address the security risk that arises when documents are opened outside Protected View to perform activities such as printing, which exposes the organization’s network to threats. Since this feature uses the Microsoft Defender antivirus backend, documents will be checked for all known threats.
Round Up of Major Malware and Ransomware Incidents
Microsoft advises admins to disable SMBv1 protocol to avoid malware
In a recent post, Microsoft has advised administrators to disable the 30-year-old SMBv1 network communication protocol on Exchange servers, since it does not have the security features that have been added in later versions of the SMB protocol. This is necessary to prevent its vulnerabilities, such as EternalBlue and EternalRomance, from being exploited by malware such as TrickBot, Emotet, WannaCry, Retefe, NotPetya, and Olympic Destroyer, which infect other machines and steal login credentials.
2016 ransomware attack on Florida county election office has been confirmed
It has come to light that an election office in a Florida county was targeted by a ransomware attack, weeks before the 2016 US presidential elections. The election office’s computer systems were infected and encrypted by the malware.
Round Up of Major Vulnerabilities and Patches
Patch to address critical flaw in WordPress GDPR Cookie Consent Plugin
The WordPress GDPR Cookie Consent plugin, which is used to display cookie banners showing a website’s EU Cookie Law (GDPR) compliance, was found to have critical bugs. The 700,000 sites that use the plugin were rendered vulnerable to unauthorized content modification and malicious code injection due to improper access control. The vulnerability affects version 1.8.2, but has been patched in version 1.8.3, which was released on the 10th of February.
Intel warns against a severe security flaw in the CSME subsystem
Intel has put out an advisory warning of a severe security vulnerability in the CSME subsystem. This flaw could allow escalation of privilege, denial of service, and information disclosure. Intel has recommended that all CSME versions before 12.0.49 be updated to versions 12.0.49, 13.0.21, and 14.0.11 or later, in which this issue has been addressed.