UNM4SK3D: Equifax, Bluetooth, and Zerodium
#hacked - big time.

Chances are you've heard about the Equifax breach, which led to the compromise of 143 million US consumers' data, including names, social security numbers, dates of birth, addresses, and in some cases, driver's license numbers. In the wake of the breach, we've heard stories of corrupt Equifax executives selling their stock prior to the publication of the hack and previously disclosed security holes resurfacing, but now we have more context to this massive security blunder.

Equifax, one of the three largest consumer credit reporting agencies in the United States, handles data on more than 820 million customers and 91 million businesses worldwide. Comforting. In a statement released September 7th, the company disclosed that cyber criminals managed to gain access to sensitive data in their systems from mid-May through July. We now know they were able to do so using an Apache Struts vulnerability exploited in the wild, apparently discovered by financial services firm Baird. "An update posted by Equifax on Wednesday to the website dedicated by the company to the cyber security incident confirms that CVE-2017-5638 was the Apache Struts 2 flaw exploited by attackers." This means the breach was possible due to Equifax's failure to patch a critical vulnerability more than two months after its disclosure.

Since this incident, others have highlighted holes in the company's security, including unpatched cross-site scripting (XSS) vulnerabilities reported more than one year ago, and the heinous lack of many basic protections. On Tuesday, security blogger Brian Krebs reported that an Equifax Argentina employee portal exposed 14,000 records, including employee credentials and consumer complaints. Additionally, Equifax has admitted that 'limited' personal information belonging to UK and Canadian residents was also accessed. 40 states, including New York and Illinois, have launched a formal investigation.
In the wake of this terrible breach, Equifax shares have fallen more than 30%, wiping roughly $5.3 billion of their market capitalization.
"Equifax has been intensely investigating the scope of the intrusion with the assistance of a leading, independent cyber security firm to determine what information was accessed and who has been impacted." - Equifax official statement

What can organizations learn from this critical breach? Read the 'Top 5' list to find out.
#vulnerability

Bluetooth users beware. It seems you're at risk for malware attacks that can be carried out remotely, taking over your device without any user permissions.

Security researchers from Armis Labs recently discovered 8 zero-day vulnerabilities in a Bluetooth protocol that impacts more than 5.3 billion, yes billion, Android, iOS, Windows, Linux, and Internet of Things (IoT) devices using the short-range wireless communication technology. The researchers then devised an attack, dubbed 'BlueBorne,' which gives attackers complete access to Bluetooth-enabled devices, allowing them to spread malware, or even establish a 'man-in-the-middle' connection to gain access to devices' data and networks without requiring any user interaction. Successful exploitation requires that Bluetooth is enabled, of course, and that the attacker is in close proximity to the victim.

Ben Seri, head of the research team at Armis Labs, claims that during an experiment in the lab, "his team was able to create a botnet network and install ransomware using the 'BlueBorne' attack." This could mean that the 'BlueBorne' attack has the potential to spread like the wormable 'WannaCry.' Armis responsibly disclosed the vulnerabilities to all the major affected companies a few months ago. Those companies include Google, Apple, Microsoft, Samsung and the Linux Foundation, of which Google and Microsoft have already made patches available.
"Unfortunately, this set of capabilities is extremely desirable to a hacker. BlueBorne can serve any malicious objective, such as cyber espionage, data theft, ransomware, and even creating large botnets out of IoT devices like the Mirai Botnet or mobile devices as with the recent WireX Botnet." - Armis researchers

Interested in a Bluetooth testing and research tool? Check out Ubertooth One.
"In many cases, [Tor] used by ugly people to conduct activities such as drug trafficking or child abuse. We have launched this special bounty for Tor Browser zero-days to help our government customers fight crime and make the world a better and safer place for all." - statement from Zerodium

Learn the basics of zero-days. Read 'An Introduction to Ethical Hacking.'
#factbyte

According to a survey from Barkly, 'Security Confidence Headed Into 2017,' 52% of organizations that suffered successful cyber attacks in 2016 aren't making any changes to their security in 2017.

Olivia Lynch (@Cybrary_Olivia) is the Marketing & Communications Manager at Cybrary. Like many of you, she is just getting her toes wet in the infosec field and is working to make cyber security news more interesting. A firm believer that the pen is mightier than the sword, Olivia considers corny puns and an honest voice essential to any worthwhile blog.