Amazon Echo Hacked at Pwn2Own Tokyo 2019 and Ransomware Attacks Hit Spanish Companies

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a ransomware that is attacking Spanish companies and how nearly 50 adware apps were found on Google Play. Also, read about how an Amazon Echo was hacked on the first day of Pwn2Own Tokyo 2019.

Read on:

Facebook Portal Survives Pwn2Own Hacking Contest, Amazon Echo Got Hacked

Amazon Echo speakers, Samsung and Sony smart TVs, the Xiaomi Mi9 phone, and Netgear and TP-Link routers were all hacked on the first day of ZDI’s Pwn2Own Tokyo 2019 hacking contest.

New Exploit Kit Capesand Reuses Old and New Public Exploits and Tools, Blockchain Ruse

In October 2019, Trend Micro discovered a new exploit kit named Capesand, which attempts to exploit recent vulnerabilities in Adobe Flash and Microsoft Internet Explorer. Based on our investigation, it also exploits a 2015 vulnerability for Internet Explorer.

Inside the Microsoft Team Tracking the World’s Most Dangerous Hackers

Microsoft’s latest win over cloud rival Amazon for the lucrative military contract means that an intelligence-gathering apparatus among the most important in the world is based in the woods outside Seattle. Now in this corner of Washington state, dozens of engineers and intelligence analysts are watching and stopping the government-sponsored hackers proliferating around the world.

Halloween Exploits Scare: BlueKeep, Chrome’s Zero-Days in the Wild

On October 31, Chrome posted that a stable channel security update for Windows, Mac, and Linux versions of Chrome will be rolled out in order to fix two use-after-free flaws in audio and PDFium. The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released a statement advising users and administrators to apply the updates.

A Stranger’s TV Went on Spending Spree with My Amazon Account – and Web Giant Did Nothing About it for Months

After a fraudster exploited a bizarre weakness in Amazon’s handling of customer devices to hijack an account and go on spending sprees with their bank cards, it was discovered that it is possible to add a non-Amazon device to your Amazon customer account and it won’t show up in the list of gadgets associated with the profile.

Ransomware Attacks Hit Spanish Companies, Paralyzes Government Services in Canadian Territory of Nunavut

A ransomware campaign recently hit companies in Spain, including Cadena Sociedad Española de Radiodifusión (SER), the country’s largest radio network. In another part of the globe, threat actors managed to infect government systems with ransomware in the Canadian territory of Nunavut.

Amazon’s Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password

Security researchers at Bitdefender have discovered a high-severity security vulnerability in Amazon’s Ring Video Doorbell Pro devices that could allow nearby attackers to steal your WiFi password and launch a variety of cyberattacks using MitM against other devices connected to the same network.

Unpatched Remote Code Execution rConfig Flaws Could Affect Millions of Servers and Network Devices

Details on the proof-of-concept (PoC) exploit for two unpatched, critical remote code execution (RCE) vulnerabilities in the network configuration management utility rConfig have recently been disclosed. At least one of the flaws could allow remote compromise of servers and connected network devices.

California DMV Data Breach Exposed Thousands of Drivers’ Information, Agency Says

A data breach at the California Department of Motor Vehicles may have exposed some drivers’ Social Security number information to seven government entities, according to the DMV. The breach affects about 3,200 individuals over at least the last four years, the agency said in a statement.

49 Disguised Adware Apps with Optimized Evasion Features Found on Google Play

Trend Micro recently found 49 new adware apps on Google Play, disguised as games and stylized cameras. These apps are no longer live, but before they were taken down by Google, the total number of downloads was more than 3 million. This Trend Micro blog discusses solutions and security recommendations for protecting against adware apps.

CVE-2019-2114: Patched Android Bug That Allows Possible Installation of Malicious Apps

An Android bug that could allow threat actors to bypass devices’ security mechanisms was discovered by Nightwatch Cybersecurity. Successful abuse of the bug can allow threat actors to transfer a malicious application to a nearby Near Field Communication (NFC)-enabled device via the Android Beam. The bug affects Android version 8 (Oreo) or higher.


Surprised by the devices that were hacked on the first day of Pwn2Own Tokyo 2019? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay. Source:
https://blog.trendmicro.com/this-week-in-security-news-amazon-echo-hacked-at-pwn2own-tokyo-2019-and-ransomware-attacks-hit-spanish-companies/

How to Protect Multi-Cloud Environments with a Virtual Firewall

Virtualization technology is powering a momentous revolution in today’s modern data centers and clouds, leading to designs that are commonly a mix of private, public and hybrid cloud computing environments.

International Data Corporation (IDC) research predicts that more than 90% of organizations will have some portion of their applications or infrastructure running in the cloud by the end of 2024.

As multi-cloud migration happens and organizations embrace technologies, such as containers, network virtualization must expand to adequately secure highly dynamic environments ranging from public clouds to private clouds to data centers. Otherwise, organizations face the risks of visibility blind spots and control challenges.

To address this, organizations are implementing cloud security solutions that operate together and are easily managed. The benefits of cloud computing are well-known and significant. However, so are the security challenges, exemplified by the many recent high-profile data breaches. Whether stored in a physical data center or in a public, private or hybrid cloud, your data is the hacker’s goal.

Securing the cloud introduces a range of challenges, including a lack of network traffic visibility, unpredictable security functionality and the struggle to keep pace with the rate of change commonly found in cloud computing environments. To be effective, organizations need a cloud security solution that:

  • Identifies and controls network traffic within the cloud based on identity, not the ports and protocols it may use.
  • Stops malware from gaining access to and moving laterally within the cloud.
  • Determines who should be allowed to use the applications, and grants access based on need and credentials.
  • Streamlines deployment and gets a new instance up and running with a click. You do not want to configure each virtual firewall, since that is time-consuming. Ideally, you have a pre-defined configuration pushed to the device and it is up and running.
  • Cost-effectively replaces expensive WAN connection technologies, such as MPLS, with secure SD-WAN.
  • Simplifies administration and minimizes the security policy delay as virtual machines (VM) are added, removed or moved within the cloud environment.

Securing the cloud with SonicWall NSv virtual firewalls

Recently, SonicWall announced new firmware, SonicOS 6.5.4, on its virtual firewall platforms to provide feature parity with its hardware firewall platform.

SonicWall Network Security virtual (NSv) firewalls now support secure SD-WAN, Zero-Touch Deployment, DNS security, RESTful API and many more features that help solve the aforementioned problems.

SonicWall NSv firewalls help security teams reduce different types of security risks and vulnerabilities, which can cause serious disruption to business-critical services and operations.

With full-featured security tools and services, including reassembly-free deep packet inspection (RFDPI), security controls and networking services equivalent to what a SonicWall physical firewall provides, NSv effectively shields all critical components of your private/public cloud environments.

NSv is easily deployed and provisioned in a multi-tenant virtual environment, typically between virtual networks (VN). This allows it to capture communications and data exchanges between VMs for automated breach prevention, while establishing stringent access control measures for data confidentiality and VM safety and integrity.

Security threats (such as cross-virtual-machine or side-channel attacks and common network-based intrusions and application and protocol vulnerabilities) are neutralized successfully through SonicWall’s comprehensive suite of security services.

All VM traffic is subjected to multiple threat analysis engines, including intrusion prevention, gateway anti-virus and anti-spyware, cloud anti-virus, botnet filtering, application control and the Capture Advanced Threat Protection (ATP) multi-engine sandbox.

Source:
https://blog.sonicwall.com/en-us/2019/10/how-to-protect-multi-cloud-environments-with-a-virtual-firewall/