Hate hub hacked, Cisco bugs squished, Bluekeep attacks begin, and much, much more

Plus, rConfig flaw raises alarms


Roundup Time for a look at some of the other security stories making the rounds in the past week.


Yet another reason not to use commercial DNA testing services: Genome sequencing biz Veritas Genetics says that an unauthorized user had been able to get access to a customer portal.

The unknown attacker wasn't able to steal any genetic information, but beyond that Veritas isn't saying exactly what sort of customer data was exposed. It is working with law enforcement to track down the culprit.

'Iron March' forum exposed

Bad news for those who frequented the now-defunct neo-Nazi 'Iron March' forum, as a hacker has managed to get access to a complete backup of the forum and share it online.

The archive includes a collection of all posts and DMs from the forum. The entire archive is available for download as a SQL database.

Cisco drops fresh set of patches

It's once again time to patch up your Cisco devices. The networking giant has posted a fresh load of updates for both its hardware and software offerings, including fixes for a few high-risk code execution and denial of service bugs.

The updates include high-severity fixes for Cisco Small Business Router, TelePresence, Web Security Appliance, Wireless LAN Controller, and WebEx Network Recording Player.

Admins would be well-served to test and deploy the fixes before next Tuesday, when Microsoft and others unleash their Patch Tuesday patches.

rConfig found to contain pair of RCE bugs

Admins whose networks use rConfig will want to be sure to update their firmware following the disclosure of two remote code execution flaws in the utility.

While RCE flaws are never good news, there are at least some mitigating factors that should make these bugs a bit less dangerous.

Specifically, one of them requires the attacker to target a component in the 'install' folder. This directory is almost always deleted during or shortly after installation of the software, so most servers would not be vulnerable.

Meanwhile, the second flaw requires the attacker to already have valid login credentials for the target device, so 'remote' in this case does not mean unauthorized.

Bluekeep exploits spotted

If you have been dragging your feet on installing the months-old patch for the Windows RDP 'Bluekeep' flaw, you should probably take care of that now.

This is because there have been reports of active exploits targeting the remote desktop vulnerability. So far, they are mostly just coin-mining malware installations that have been collected by honeypot machines, but there is a risk of worse attacks.

"The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check. Customers are encouraged to identify and update vulnerable systems immediately," Microsoft says.

"Many of these unpatched devices could be unmonitored RDP appliances placed by suppliers and other third-parties to occasionally manage customer systems. Because BlueKeep can be exploited without leaving obvious traces, customers should also thoroughly inspect systems that might already be infected or compromised."

Expert shares thoughts on encryption

Over on the Lawfare Blog, Jim Baker of the R Street Institute and Harvard Law School shares how his views on encryption have evolved, and what changes could be on the horizon as the government continues to wrestle with how to deal with encrypted communications.

Google patches payment API bypass

A particularly nasty vulnerability has been patched by Google in one of the APIs it uses to handle card payments in Chrome. The Daily Swig reports that the vulnerability would have potentially allowed an attacker to use the API to access and copy any file on the victim's machine.

Fortunately, because Chrome automatically updates itself, a simple browser restart will get you patched up against this bug.

Nvidia posts updates

Gamers (or really anyone else) running Nvidia graphics cards will want to get these two updates for their GPU and graphics cards. The bugs patched are not particularly dangerous on their own, but could potentially be chained together to achieve code execution. Users and admins should install them as soon as possible. ®



Biting the hand that feeds IT © 1998–2020