BTH News 20 December 2020
This Week In Cybersecurity
This week on Between The Hacks: The SolarWinds hack explained in plain English, D-Link router vulnerabilities, Google explains their global outage, 28 malware-infected browser extensions and a cybercrime book for the security enthusiast on your gift list.
SolarWinds
By now you have probably heard about the SolarWinds supply-chain compromise that has impacted governments and businesses all over the world. The story broke last week when cybersecurity company FireEye disclosed in a blog post that “A highly sophisticated state-sponsored adversary stole FireEye Red Team tools.” Five days later, in a subsequent blog post, FireEye wrote, “We have discovered a global intrusion campaign” and “discovered a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute malware we call SUNBURST.”
To read more about how this happened and links to continuing reports, read SolarWinds Hack: The Basics on Between The Hacks.
D-Link VPN Router Patches
On December 8, 2020, security company Digital Defense disclosed that they had discovered a “vulnerability affecting D-Link VPN routers. D-Link DSR-150, DSR-250, DSR-500 and DSR-1000AC VPN routers running firmware version 3.14 and 3.17 are vulnerable to a remotely exploitable root command injection flaw.”
Toolbox spoke with the researchers at Digital Defense who discovered the vulnerabilities and reports: “The security researchers could locate around a thousand or so instances of vulnerable devices with remote management enabled.”
What Can You Do?
D-Link has created patches and released an advisory. If you have one of these devices, download and install the vendor patch listed in the D-Link Support Announcement.
Google Explains Recent Outage
On Monday, December 14, 2020, Google suffered a worldwide outage that prevented users from logging into their accounts and accessing Gmail, YouTube, Google Drive, Google Maps and several other Google services. The outage lasted almost an hour.
Later in the week, Google issued an apology and an explanation in a report that stated, “On Monday 14 December, 2020, for a duration of 47 minutes, customer-facing Google services that required Google OAuth access were unavailable. Cloud Service accounts used by GCP workloads were not impacted and continued to function. We apologize to our customers whose services or businesses were impacted during this incident, and we are taking immediate steps to improve the platform’s performance and availability.”
The report explains that the outage occurred as Google was migrating to a new, automated quota system. During the migration, part of the old system was left in place, which caused errors and authentication issues.
28 Chrome & Edge Extensions Infected with Malware
Security researchers from cybersecurity company Avast disclosed that they “have identified malware hidden in at least 28 third party Google Chrome and Microsoft Edge extensions associated with some of the world’s most popular platforms.” While the Avast team discovered these malicious extensions in November 2020, they believe the threat could have been active for years.
The malware redirects victims to phishing sites in an attempt to steal personal information. The researchers estimate that about 3 million users may be affected worldwide, based on the download statistics from the app stores.
Avast recommends that “users disable or uninstall the extensions for now until the problem is resolved and then scan for and remove the malware.” For a full list of infected browser extensions, see the Avast disclosure statement.
Tip of the Week
Crime Dot Com
Crime Dot Com is a book about cybercrime by Geoff White. In the book, White takes the reader on a historical journey through cybercrime, from stories of the early days of the tech industry to modern-day hacks. The book is interesting, informative and a must-read for cybersecurity professionals and enthusiasts alike. You don’t have to be a techie to enjoy this book.
Summary on Amazon: On May 4, 2000, an email that read “kindly check the attached LOVELETTER” was sent from a computer in the Philippines. Attached was a virus, the Love Bug, and within days it had been circulated across the globe, paralyzing banks, broadcasters, and businesses in its wake, and extending as far as the UK Parliament and, reportedly, the Pentagon. The outbreak presaged a new era of online mayhem: the age of Crime Dot Com. In this book, investigative journalist Geoff White charts the astonishing development of hacking, from its conception in the United States’ hippy tech community in the 1970s, through its childhood among the ruins of the Eastern Bloc, to its coming of age as one of the most dangerous and pervasive threats to our connected world. He takes us inside the workings of real-life cybercrimes, drawing on interviews with those behind the most devastating hacks and revealing how the tactics employed by high-tech crooks to make millions are being harnessed by nation states to target voters, cripple power networks, and even prepare for cyber-war. From Anonymous to the Dark Web, Ashley Madison to election rigging, Crime Dot Com is a thrilling, dizzying, and terrifying account of hacking, past and present, what the future has in store, and how we might protect ourselves from it.
You can learn more and purchase on Amazon.