VirusTotal launched a service to mitigate false positives

Cybersecurity firm Chronicle, owned by Alphabet, announced the launch of a new VirusTotal service that promises to reduce false positives.

VirusTotal Monitor is a new service that allows software developers to upload their creations, before they are published, to a private cloud store in VirusTotal. Files in this private bucket are scanned with all 70+ antivirus engines in VirusTotal on a daily basis, using the latest detection signature sets. As soon as a file is detected as malicious by an engine, both the software developer and anti-virus vendors are notified.

This is a big win for anti-virus vendors, who now have context about a detected file: who the company behind it is, when it was released, etc.

This is equally a big win for software developers, as they can upload their creations to Monitor at the pre-publish stage, to ensure a release without issues.

VirusTotal-Monitor

Read more about it here.

Mining sensitive information from Google Groups

Google Groups is a service from Google that provides discussion groups for people sharing common interests. By default, Google Groups are set to private; there have been a number of instances, however, where G Suite Administrators have accidentally shared sensitive information as a result of misconfigured Google Groups privacy settings. Google has published a G Suite update here.

According to recent research by Kenna Security, thousands of organizations seem to be inadvertently leaking internal or customer information. Examples of real e-mails found during the research are past due invoices, password recovery information and GitHub credentials.

Read more about it here.

Mining passwords from public Trello boards

Cybersecurity enthusiast Kushagra Pathak discovered a vulnerability in the Trello web management that allows credentials to be mined from dozens of public Trello boards with simple Google queries.

Trello is a project collaboration tool for enterprise and personal use. By default, Trello boards are set to either private or team-visible only. That doesn’t stop users from manually sharing personal boards that include confidential information, which may later be indexed by search engines. The credentials include usernames, passwords, API keys and more.

Users should never store credentials on public boards.

Google search on Trello

Read more about it here.

Hackers stole Las Vegas casino high-roller database via its fish tank

Hackers once stole a Las Vegas casino's high-roller database via its fish tank, said Nicole Eagan, the CEO of cyber defense company Darktrace, on April 12, 2018, at the WSJ CEO Council Conference in London.

The hackers were able to breach the thermostat in the fish tank, which was used to control the temperature and quality of the water remotely. They then found the high-roller database, and then pulled that back across the network, out the thermostat, and up to the cloud. The name of the casino wasn’t revealed.

Hackers are increasingly targeting “internet of things” (IoT) devices to find their way into corporate networks.

Read more about it here.

Under Armour says 150 million MyFitnessPal accounts hacked

On March 29, 2018, Under Armour announced that about 150 million accounts on its popular health app MyFitnessPal were hacked in February 2018. The affected data includes usernames, e-mail addresses, and hashed passwords. The company doesn’t collect Social Security numbers or driver’s license information, and credit card data is collected and stored separately. The company recommended that all users change their passwords.

For most users, the company uses the hash function “bcrypt” to convert all passwords into a hard-to-crack hash. However, some of the users had their password hashed using a less secure hash function called “SHA-1”.
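
A mixed bcrypt/SHA-1 credential store like the one described above can be audited by the format of each stored value. The following is an added example, not Under Armour's code; the record layout, the bare 40-hex SHA-1 storage form and the minimum bcrypt cost of 10 are assumptions made for illustration.

```python
import re
from collections import Counter

# bcrypt modular-crypt format: $2b$<cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(r"^\$2[abxy]\$(\d{2})\$[./A-Za-z0-9]{53}$")
# Bare SHA-1 digest stored as 40 hex characters (assumed storage form)
SHA1_RE = re.compile(r"^[0-9a-fA-F]{40}$")

MIN_BCRYPT_COST = 10  # assumed policy threshold, not taken from the article


def classify_hash(stored: str) -> str:
    """Return the scheme label for one stored password hash."""
    m = BCRYPT_RE.match(stored)
    if m:
        cost = int(m.group(1))
        return "bcrypt" if cost >= MIN_BCRYPT_COST else "bcrypt-low-cost"
    if SHA1_RE.match(stored):
        return "sha1"
    return "unknown"


def audit(records):
    """Count schemes and list the users whose stored hash needs upgrading."""
    counts = Counter()
    flagged = []
    for user, stored in records:
        scheme = classify_hash(stored.strip())
        counts[scheme] += 1
        if scheme != "bcrypt":
            flagged.append((user, scheme))
    return counts, flagged


# Constructed sample records: the bcrypt strings are format-valid placeholders,
# and bob's value is the SHA-1 digest of the empty string.
SAMPLE = [
    ("alice", "$2b$12$" + "A" * 53),
    ("bob", "da39a3ee5e6b4b0d3255bfef95601890afd80709"),
    ("carol", "$2a$04$" + "b" * 53),
    ("dave", "not-a-hash"),
]

if __name__ == "__main__":
    counts, flagged = audit(SAMPLE)
    print(dict(counts))
    for user, scheme in flagged:
        print(f"{user}: {scheme}")
```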

The root cause for the data breach wasn’t immediately disclosed.

Read more about it here.

15-year-old hacked Ledger crypto wallet

15-year-old security researcher Saleem Rashid discovered a flaw in cryptocurrency hardware wallets made by Ledger, a French company whose popular products are designed to physically safeguard public and private keys used to receive or spend the user’s cryptocurrencies.

The root cause is that the Ledger devices use a secure processor chip and a non-secure microcontroller chip. An attacker could compromise the insecure processor.

Ledger released a patch on March 6, 2018 to address the vulnerability, and Eric Larchevêque, Ledger’s CEO, stated that the company hadn’t received any reports of hackers actually accessing the crypto keys.

Read more about it here.

GitHub survives the biggest ever DDoS attack

On February 28, 2018, popular source code hosting web site GitHub was hit by the largest-ever distributed denial of service (DDoS) attack, which peaked at 1.35 Tbps. The attack abused servers running Memcached, an open source distributed memory object caching system. The attack was an amplification attack, where the attacker sends a request of a few bytes to the target server, causing the server to respond with a much larger response, up to 51,200 times larger.

The GitHub website is protected by the anti-DDoS service provided by Akamai.

Read more about it here.