From Paul's Security Weekly
Hack Naked News #192
Recorded October 9, 2018 at G-Unit Studios in Rhode Island!
- Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
- Tenable Researcher Reveals Extended MikroTik Router Vulnerability - From the article: In April, the CVE-2018-14847 vulnerability was first reported in MikroTik routers that have millions of users worldwide. That initial report indicated the scope of the vulnerability was limited and only had moderate impact, but that's not what Tenable researcher Jacob Baines found. On Oct. 7 at the Derbycon conference, Baines disclosed how attackers can remotely exploit that flaw without the need for any authentication. This vulnerability also underscores the need for a secure and reliable framework that allows companies to manage IoT devices, both in development and production, without introducing security weaknesses. Microsoft's Azure Sphere is one such new project that I really like as a solution to this problem, but challenges will persist in the meantime.
- Wi-Fi versions to get names people can actually understand - This can be confusing, and the article does a nice job of summarizing: The original 802.11 standard was first ratified in 1997. The first extension was 802.11a in 1999, offering 54Mbit/sec at 5Ghz, and 802.11b in the same year, offering 11Mbit/sec at 2.4GHz. Then, 802.11g offered the higher bandwidth at the lower 2.4GHz frequency, meaning higher bandwidth at longer range. Meanwhile, 802.11n offered even higher bandwidth and better range thanks to its antennae design. Then came 802.11ac in 2013, which offered even more capacity, once more using the cleaner 5GHz spectrum...The next generation of Wi-Fi networking technology has been renamed Wi-Fi 6.
- Don't fall for the Facebook 2nd friend request hoax - This is really annoying, and the article sums it up nicely: Why would you have sent a friend request to somebody you’re already friends with? And then why in the world would you uncritically send this message to your Facebook friends? The short answers are that you wouldn’t and you shouldn’t. You should delete the message and ignore the instructions to forward it because it’s a hoax. Now, attackers with malicious intent will try and succeed, at cloning your profile and trying to become friends with your friends. Also, Facebook did have a security incident that we covered last week. It is important to tell your friends and family that these are all separate things. We are working on recording and releasing a Secure Digital Life episode that explains this in a way that non-security and non-IT people will understand.
- How Shared Pools of Cloud Computing Power Are Changing the Way Attackers Operate - Certainly the trends will continue, more companies will move to the cloud and so will the attackers: from the article: In the past, it would be easy for researchers and security teams with some experience to identify hosting solutions that were known to originate attacks and put them into a network blacklist. This was an easy way to blunt a large number attacks, however as attackers move to cloud services, the fact that there are so many different tenets on these cloud services makes it difficult or impossible to block these IP ranges, and so the first chance of an attack getting past network list is increased dramatically.
- Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data - Don't cry too hard: Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers. According to the tech giant, a security vulnerability in one of Google+'s People APIs allowed third-party developers to access data for more than 500,000 users, including their usernames, email addresses, occupation, date of birth, profile photos, and gender-related information.
- Weak passwords to be banned in California - This is not an effective solution to the IoT security problem: The state has passed a law that sets higher security standards for net-connected devices made or sold in the region. It demands that each gadget be given a unique password when it is made. Before now, easy-to-guess passwords have helped some cyber-attacks spread more quickly and cause more harm.
- Code execution bug in malicious repositories resolved by Git Project | ZDNet - Preventing attackers from doing harm via software development and continuous integration tools will be challenging, one such example: "The command-line git clone tool does not correctly sanitize submodule URLs," the latest vulnerability description reads. "When cloning submodules, for example using git clone --recurse-submodules or git submodule update, the URL of a submodule could be interpreted as a command-line argument to git clone."
Expert Commentary: Juxhin Dyrmishi Brigjaj, Acunetix
We are going to talk about the resurgence of XSS after the big British Airways and NewEgg hack. I have some relevant references below: