Data-breach detection
According to a new study, data breaches are taking longer to detect
than they did last year. It now takes an average of 197 days for a company
to identify a breach and 69 days to contain it. To read more:
https://www.natlawreview.com/article/data-breaches-taking-slightly-longer-to-detect-study-finds
HealthCare.gov
A government computer system that interacts with HealthCare.gov was
compromised earlier this month, and the personal data of 75,000
people was accessed by the hacker. To read more: https://www.apnews.com/212e1e36b10945968704bd7e86598a65
Voter records
Cybersecurity researchers found the personal information and voting
history for more than 35 million US voters for sale on a popular
dark-web hacking forum. To read more: https://www.komando.com/happening-now/498324/hacked-tens-of-millions-of-us-voter-records-are-being-sold-on-the-dark-web-what-this-means-to-you
PHP
More than 62% of websites are still running PHP version 5, even as
support for it is being dropped later this year. Starting in December,
versions 5.6 and 7.0 will no longer be supported, and users are
being urged to upgrade their PHP in order to ensure security. To
read more: https://threatpost.com/as-end-of-life-nears-more-than-half-of-websites-still-use-php-v5/138352/
iPhone
A security researcher discovered a bug in iOS 12 that enables
attackers to access contacts and photos of any iPhone in their
possession. To read more: https://thehackernews.com/2018/10/iphone-lock-passcode-bypass.html
Tumblr
Tumblr recently patched a security vulnerability on its website
that could have enabled hackers to steal login credentials and
other private information. To read more: https://thehackernews.com/2018/10/tumblr-account-hacking.html
LibSSH
A four-year-old vulnerability has been discovered in the Secure
Shell implementation library known as Libssh. The vulnerability is
an authentication-bypass issue that was introduced in Libssh
version 0.6, released in 2014. To read more: https://thehackernews.com/2018/10/libssh-ssh-protocol-library.html
Update: Red Hat and F5 Networks have announced that their products are affected by the vulnerability. To read more: https://www.zdnet.com/article/vendors-confirm-products-affected-by-libssh-bug-as-poc-code-pops-up-on-github/
jQuery
For the past three years, hackers have abused a zero-day in one of
the most popular jQuery plugins. The vulnerability impacts the
jQuery File Upload plugin, which is the second most starred jQuery
project on GitHub. To read more: https://www.zdnet.com/article/zero-day-in-popular-jquery-plugin-actively-exploited-for-at-least-three-years/
Azorult
This malware, which can steal everything from passwords and
credit-card details to cryptocurrencies, appears to have been
updated. To read more: https://www.zdnet.com/article/password-and-credit-card-stealing-azorult-malware-adds-new-tricks/
VLC
Security researchers discovered a serious code-execution
vulnerability in the LIVE555 Streaming Media library that is used
by VLC and MPlayer. LIVE555 is a set of C++ libraries that
applications use to stream multimedia over open-standard protocols.
To read more: https://thehackernews.com/2018/10/critical-flaw-found-in-streaming.html
D-Link routers
Eight D-Link routers are vulnerable to complete takeover; D-Link,
however, says it will patch only two of them. A full compromise,
including remote command injection, can be achieved by linking three
of the cascading vulnerabilities together. To read more: https://threatpost.com/multiple-d-link-routers-open-to-complete-takeover-with-simple-attack/138383/
Medtronic cardiac programmers
A flaw in Medtronic’s CareLink 2090 and CareLink Encore 29901
programmers could have enabled remote code implantation over the
dedicated software-deployment network. The programmers are used for
programming, testing and evaluating “cardiac implantable
electrophysiology devices” such as pacemakers. To read more:
https://threatpost.com/remote-code-implantation-flaw-found-in-medtronic-cardiac-programmers/138363/
Windows PCs
A security researcher has found a simple way of assigning admin
rights and gaining boot persistence on Windows PCs. The technique
was first detailed in December 2017, but has not received any media
coverage or been observed in any malware campaigns since then. To
read more: https://www.zdnet.com/article/researcher-finds-simple-way-of-backdooring-windows-pcs-and-nobody-notices-for-ten-months/