Cisco patches a perfect 10.0 ‘critical’ flaw in its popular security appliance

Cisco announced Monday a critical vulnerability in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) that allows an unauthenticated, remote attacker to execute code or cause a system reload. This flaw, a perfect 10.0 on the Common Vulnerability Scoring System, tops out as the highest warning possible. The products are a popular group of security devices designed to protect corporate networks and data centers. Users are urged to apply security updates that fix the issue. “The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device,” Cisco explained in the Monday announcement. “An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device.” The vulnerability was found by Cedric […]

The post Cisco patches a perfect 10.0 ‘critical’ flaw in its popular security appliance appeared first on Cyberscoop.

Allscripts faces lawsuit after ransomware attack impacts doctors’ offices across U.S.

Billion-dollar American health care company Allscripts faces a lawsuit for failing to secure systems and data after it was crippled by a SamSam ransomware attack earlier this month. The lawsuit was filed in Illinois by the Florida-based Surfside Non-Surgical Orthopedics on behalf of all clients affected by the incident. The company, which provides health care IT solutions like health record and practice management as well as electronic prescription services, was first hit by ransomware on Jan. 18. It took more than a week to fully recover. In that time, the lawsuit alleges, patient records were out of reach, business and care were interrupted and revenue was lost. “Allscripts was aware, however, that at all times pertinent hereto, that deficiencies in its product and services could result in privacy and security vulnerability or compromises and failed to take adequate measures to protect against any such event,” the lawsuit charges. The plaintiffs then point to a […]

Microsoft rushes Windows patch disabling Intel’s Spectre fixes due to instability

Microsoft issued a new security update over the weekend to disable Intel’s buggy firmware fixes for Spectre, the two-decade-old chip flaw that allows attackers to steal private data from affected machines. The update, issued Saturday, is the second out-of-band security update Microsoft issued this month. It comes after Intel warned enterprise customers to skip their buggy patches because of instability, data loss, corruption and unwanted reboots. Intel has promised more stable patches in the near future and next-generation chips that fix the root of the Meltdown and Spectre vulnerabilities. Those patches will be released some time in 2018. Until then, there appears to be no complete fix possible for Spectre until those chips are created. Meltdown is numbered CVE-2017-5754. The two Spectre attacks are CVE-2017-5753 (Variant 1) and CVE-2017-5715 (Variant 2). Meltdown and Spectre variant 1 are fixed with software patches. Users are not so lucky with Spectre variant 2. “While Intel tests, updates […]

Oracle issues patches for 10 ‘virtual machine escape’ flaws in VirtualBox

Enterprise tech giant Oracle released a collection of critical security patches this month to address 10 exploitable vulnerabilities in VirtualBox. Both popular and powerful, VirtualBox is Oracle’s hypervisor, which allows users to run virtual machines on a user’s host operating system. Affecting anyone using VirtualBox, the “easily exploitable” vulnerabilities allow a hacker to stage a “virtual machine escape” and attack the host operating system, TechRepublic reports. The vulnerabilities are found in the core graphics framework that is mirrored between the host and guest machine. It affects all host operating systems, according to SecuriTeam. You can find an extensive and technical write-up of the exploits here. The vulnerability in mirrored memory allows attackers to exploit the host operating system from the virtual machine. This particular vulnerability, CVE-2018-2698, was found by independent security researcher Niklas Baumstark via Beyond Security’s SecuriTeam. After Oracle issued patches and an announcement, Baumstark outlined the problems on Twitter: CVE-2018-2698 is a powerful […]

Hackers steal at least $533 million in largest cryptocurrency theft ever

Hackers stole at least $533 million in an attack against Coincheck, Japan’s largest cryptocurrency exchange, the company’s president and chief operating officer said at a press conference at the Tokyo Stock Exchange on Friday. This is the largest cryptocurrency theft of all time, eclipsing the historic 2014 heist against Mt. Gox in which the coins were valued at $450 million USD. Neither the method of attack nor the full amount lost is known publicly at this point. The amount lost was originally thought to be around $400 million USD and now further investigation is required to see if even more than $533 million USD has been stolen. Hackers stole the full value in NEM tokens, a Japan-based coin that has one of the highest total market values among cryptocurrencies. The price of NEM has fallen by about 11 percent since Coincheck’s troubles began. Launched in 2012, Coincheck is headquartered in Tokyo and boasts over […]

Alphabet launches Chronicle, a new cybersecurity company

Alphabet, Google’s parent company, announced a new cybersecurity company named Chronicle on Wednesday. The company comes with massive promises to change the cybersecurity landscape but precious few details on how it will actually be done. Emerging from Alphabet’s X “moonshot” research and development lab, Chronicle bursts onto the scene with a mountain of hype and resources that only a company like Google can provide. The new firm aims to do better at finding important patterns in oceans of data, shrinking the time to discover attacks and ultimately turn the tide against vulnerabilities and hackers. Chronicle comes in two parts, according to a new blog post by Stephen Gillett, Chronicle’s new leader and the former chief operating officer at Symantec. Chronicle is an intelligence and analytics platform coupled with VirusTotal, the popular malware intelligence platform Google bought in 2012. The company’s goal is to beat the cybersecurity industry’s much-talked-about talent shortage by doing things bigger and better than any […]

Here’s another sign that criminals are breaking away from bitcoin

Bitcoin, the granddaddy of cryptocurrency, has moved beyond the criminal underground that has dominated its economy, according to new research from the cryptocurrency surveillance and analysis firm Chainalysis. While bitcoin has since exploded in price and popularity, the share of bitcoin transactions sent to dark net markets dropped to less than 1 percent in 2017. In 2012, a total of 30 percent of bitcoin transactions were sent to dark net markets, according to Chainalysis, signifying that criminal activity was an enormous part of the cryptocurrency economy. However, the total value of dark web market transactions in 2017 increased to $660 million. Dark web markets are online marketplaces operating on anonymizing networks like Tor or I2P. Operating like a combination of eBay and Amazon, the markets offer an array of illegal contraband, like drugs, guns or malware. The biggest drops in bitcoin-related transactions occurred when law enforcement was able to shut down popular dark web marketplaces. In 2013, […]

Severe Electron framework vulnerability impacts apps like Skype and Slack

Electron, a popular web application writing platform underlying some extremely widespread software including Skype and Slack, is vulnerable to a critical remote code execution vulnerability. Apps are only vulnerable if they run on Microsoft Windows and register themselves as the default handler for a protocol like myapp://. MacOS and Linux apps are not vulnerable. Referred to as a “Protocol Handler Vulnerability,” the problem has been assigned the number CVE-2018-1000006. Protocols like slack:// make it so that users can click links from other software like a web browser and directly go to, for instance, the Slack app. Several widely used apps are built on Electron, including Windows desktop apps for the encrypted messaging app Signal, the audio chat app Discord and the content management system WordPress. However, most of these apps don’t register themselves as the default handler for a protocol like myapp:// so they are not vulnerable. You can find a full list of Electron apps here to better understand the […]

Intel tells customers to skip buggy patches for Spectre and Meltdown

The Spectre and Meltdown saga continues to add chapters. After a rash of reports showed Intel firmware updates caused unwanted rebooting, Executive Vice President Navin Shenoy told the company’s biggest customers to skip the latest patches as Intel sprints to release better fixes. “We recommend that OEMs, cloud service providers, system manufacturers, software vendors, and end users stop deployment of current versions on specific platforms as they may introduce higher than expected reboots and other unpredictable system behavior,” Shenoy wrote in a blog post released Monday. Spectre and Meltdown were discovered in June 2017 and then were kept largely under wraps for six months as chipmakers figured out what to do next. The released security updates have included various firmware and software updates meant as triage. In addition to Intel’s firmware updates, companies like Microsoft, Apple, Nvidia and AMD rolled out their own patches in efforts to protect their company’s devices. Intel says it recently identified the root […]

Hackers have stolen millions during the ICO craze, report says

Hackers have glommed on to the frenzy around cryptocurrency, stealing large amounts of money as companies look to chase profits through initial coin offerings. Over 10 percent of worldwide ICO proceeds — more than $370 million so far — has been swiped, according to new research from UK accounting firm EY and the Russian cybersecurity firm Group-IB. The total works out to $1.5 million being stolen from ICOs per month. Initial coin offerings (ICO) are popular and infamously disorganized cryptocurrency crowdfunding events that have raised nearly $4 billion for startups. “The speed and size of the ICO market draw hackers’ attention,” researchers wrote. “Hackers are attracted by the rush, absence of a centralized authority blockchain transaction irreversibility and information chaos.” The perfect case study came in July 2017 when hackers took over the Israeli cryptocurrency trading site CoinDash just 13 minutes into the site’s ICO. The attackers breached CoinDash’s website and altered the investment address in order to steal $7 […]
