TechLab CyberSecurity Team Latest Newsletters

Cisco pushes out almost 34 security updates in May 2020
Cisco released a batch of 34 security updates, with 12 rated as high priority and 22 as medium priority. Eight of the high-rated advisories impact the Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software. The critical problems were CVE-2020-3187, a vulnerability in the web services interface of both products that could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files, and CVE-2020-3298, which also affects both products. The latter is a vulnerability in the Open Shortest Path First implementation that could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service condition.


Zero-click vulnerability found in Samsung mobile phones
A zero-click vulnerability in Samsung mobile phones could, if exploited, allow a malicious actor to gain access to all the permissions and privileges associated with Samsung Messenger with no interaction by the user. If you own a Samsung smartphone that was sold from late 2014 onwards, a patch for it was released in May 2020. If a device is not updated, a successful attack would give the threat actor the same privileges as the owner and thus access to personal user information: call logs, contacts, microphone, storage and SMS.


SAP says 7 cloud products not currently up to security standards
SAP SE this week publicly disclosed that seven of its cloud products “do not meet one or several contractually agreed or statutory IT security standards at present,” adding that the ERP software giant is actively taking steps to remediate these issues. SAP identified the problematic products as SAP SuccessFactors, SAP Concur, SAP/CallidusCloud Commissions, SAP/CallidusCloud CPQ, SAP C4C/Sales Cloud, SAP Cloud Platform and SAP Analytics Cloud.


Sodinokibi ransomware can now encrypt open and locked files
The Sodinokibi (REvil) ransomware has added a new feature that allows it to encrypt more of a victim’s files, even those that are opened and locked by another process. Some applications, such as databases or mail servers, will lock files that they have open so that other programs cannot modify them.


Thunderbolt Vulnerabilities Could Threaten Millions of PCs
Attackers with physical access to targeted machines could exploit these flaws to access and copy data within minutes, researchers say. Security researchers have discovered Thunderbolt vulnerabilities that could leave millions of computers exposed to attackers who have the right hardware tools and a few minutes with the machine. The “Thunderspy” attack affects Windows and Linux devices manufactured before 2019.


DocuSign Phishing Campaign Uses COVID-19 as Bait
The newly discovered campaign lures victims with a supposed file concerning the coronavirus pandemic. DocuSign users on Office 365 are the target of a new phishing campaign that features COVID-19 as a lure to convince them to offer up their credentials in return for pandemic information.


The TechLab Cyber Security Team, responsible for monitoring, identifying, detecting, protecting, isolating, responding and recovering based on current threats, provides 24x7x365 services. TechLab Security specializes in various security products, projects, network devices, end-user devices, and systems.

The TechLab Cyber Security Team Major Responsibilities Are:
• Monitor, Analyze, Correlate & Escalate Intrusion Events,
• Develop Appropriate Responses; Protect, Detect, Respond,
• Conduct Incident Management and Forensic Investigation,
• Maintain Security Community Relationships,
• Various Cyber Security Consulting Services such as Penetration Testing, Vulnerability Assessment, PCI-DSS Compliance and ISO27001 implementation and Audit compliances,
• Assist in Crisis Operations.