Polyverse Weekly Breach Report

A snapshot look at the breaches and reported vulnerabilities of last week

WPA2

A security researcher went public with a serious flaw in the security protocol WPA2. Key Reinstallation Attacks work against all modern protected Wi-Fi networks. To read more: https://www.theregister.co.uk/2017/10/16/wpa2_krack_attack_security_wifi_wireless/

We Heart It

The image-sharing site is informing users that their personal data may have been compromised. The security breach involved over 8 million accounts, and while the passwords were encrypted, they were not secure. To read more: https://techcrunch.com/2017/10/16/we-heart-it-says-a-data-breach-affected-over-8-million-accounts-included-emails-and-passwords/

Microsoft vulnerability database

Microsoft detected the breach back in 2013, but it has now come to light that the hackers also compromised the database used to track patches. The database was protected by a single password. To read more: https://www.grahamcluley.com/microsoft-bug-tracking-hack/

Reported Vulnerabilities

Eltima

Eltima Software announced that the latest versions of its Elmedia Player app came with OSX.Proton malware. The malware was injected into downloads of the application. Proton is a remote-control Trojan that targets Apple’s macOS. To read more: https://www.theregister.co.uk/2017/10/20/mac_os_reinstall_eltima_elmedia_malware/

Advanced Linux Sound Architecture

The bug, CVE-2017-15265, is due to a memory error in the ALSA sequencer interface. An attacker could exploit the vulnerability by running a crafted application on a targeted system. To read more: https://www.theregister.co.uk/2017/10/15/advanced_linux_sound_architecture_vulnerable_to_privilege_escalation/

Adobe

Adobe issued an emergency patch for Flash. The flaw, CVE-2017-11292, affects all current versions of Flash for Windows, macOS, Linux and Chrome OS. The flaw allows malicious Flash files to corrupt the plugin’s internal memory structures and gain remote code execution. To read more: https://www.theregister.co.uk/2017/10/16/adobe_flash_emergency_patch/

RSA encryption

Flawed chipsets used by PCs to generate RSA encryption keys have a known vulnerability. Researchers revealed the flaw in cryptographic smartcards, security tokens, chipsets and secure hardware manufactured by Infineon Technologies. To read more: http://www.zdnet.com/article/as-devastating-as-krack-new-vulnerability-undermines-rsa-encryption-keys/

SSH Keys

SSH private keys are being targeted by hackers who are scanning for them on servers hosting WordPress websites. Researchers observed a single entity scanning 25,000 systems a day seeking vulnerable keys. To read more: https://threatpost.com/hackers-take-aim-at-ssh-keys-in-new-attacks/128537/

Minecraft apps

Malicious Minecraft Android apps have been uncovered in the Google Play store. Eight apps were infected with the Sockbot malware, with an install base of 600,000 to 2.6 million devices. To read more: http://www.zdnet.com/article/android-minecraft-app-malware-enslaves-your-device-to-botnets/
