Cisco cleans up critical flaws, Florida city forks out $600k to ransomware scumbags, and more from infosec land

Your quick guide to what else has been happening in computer security lately

Roundup Here's a quick Monday summary of recent infosec news, beyond what we've already reported.

Cisco emits critical bug fixes

Admins running Cisco gear will need to dedicate some time to updating their software an firmware following the release of 26 security patches from Switchzilla.

Of the fixes, three are for critical flaws: CVE-2019-1663 is a remote code execution flaw in the RV110W, RV130W and RV215W routers. CVE-2019-1848 is an authentication bypass flaw in DNA Center, and CVE-2019-1625 covers a privilege escalation flaw in SD-WAN. Additional patches address other bugs in SD-WAN and the RV-series switches.

Desjardens gets desjar-done by data-slurping insider

Canadian credit union Desjardens says it may have lost control of the personal information of 2.7 million people, or around 40 per cent of its clientele, thanks to a disgruntled employee.

The Montreal-based financial institution warned that the rogue insider, who was caught and terminated, had been able to collect detailed information on millions of account holders including their email and physical addresses, social insurance numbers, birth dates, and some account activity, and share it with people outside the company.

For what it's worth, the bad apple was not thought to have collected PINs, passwords, or security answers, and so far there has been no noticeable increase in account fraud activity. Still, the financial org said it would reimburse fraudulent charges and provide monitoring for anyone who is found to have had their data misused as a result of the leak.

Used Nest cams pose security risk

Getting a bargain on a pre-owned security camera may have put your privacy at risk. This is according to a report from the New York Times' Wire Cutter site, which found that people who had sold their Nest cameras after doing a factory reset could still access surveillance images from the new owner via the Wink home hub.

Fortunately, Google said it has since issued an automatic update that will roll out to every Nest camera. This means as long as you perform a factory reset, your used Nest should be OK from then on.

Florida town caves to ransomware demand

A city in Florida, US, has found itself $600,000 lighter following a ransomware infection on its officials' computers.

The city of Riviera Beach said that after initially opting to replace its IT systems in response to a ransomware outbreak, it is following the advice of outside security consultants and handing over the Bitcoin ransom to get their encrypted files descrambled.

While the FBI and many security pros discourage companies from paying off ransomware attackers (often this doesn't even work), the reality of long and costly recovery projects means that often companies might be better served by at least considering a payout.

Tor follows Mozilla's lead with bug fix

For those who don't know, the Tor browser is more or less a version of Firefox with a ton of privacy features baked in. It makes sense, then, that some bug fixes for the Mozilla browser also need to be applied to the Tor version.

That is the case with a sandbox escape bug that recently surfaced as part of a zero-day attack on Firefox. Tor says that users should make sure their browser is updated to protect against similar exploits.

Want another reason to patch the Exim bug? Here's another Linux attack

Researchers with Cybereason are reporting that malware is swirling around the 'net exploiting the Exim security flaw revealed earlier this month. The software nasty uses the security hole to inject crypto-miners into Linux servers, and then uses the commandeered boxes to search for other machines to infect. Admins are well-advised to check they have the latest version of Exim, or at least a patched build.

In brief...

Perceptics, a maker of license-plate recognition systems for the US border cops, was hacked, as we reported first last month, and its internal files spilled onto the dark web as a result. Well, that data, including plate photos, schematics, and other sensitive information, is still online, the Washington Post's Drew Harwell reports, and is now being mirrored on the public internet.

A set of WordPress site-editing plugins from Facebook suffer from cross-site request forgery vulnerabilities. The bugs are present in the WooCommerce for Facebook and Messenger Customer Chat add-ons, and were reportedly publicly disclosed by a security firm that was upset with WordPress for its handling of bug reports.

Finally, Cloudflare is offering a free service to certificate authorities to prevent miscreants from gaining certificates for trusted sites via BGP attacks. ®

Sponsored: Balancing consumerization and corporate control




Biting the hand that feeds IT © 1998–2019