This week’s highlights also include more attacks on MongoDB, OpenSSL correcting flaws and more.

Critical bug in Linux encryption app Cryptkeeper

Debian Linux developers are recommending that Cryptkeeper be removed from the operating system after a critical bug was discovered that sets a single character decryption password. The app’s developer appears to have abandoned the project, reports

The Register. A Debian developer, Simon McVitte, said in an email about the issue, “it currently gives a false sense of security that is worse than not encrypting at all.”

NETGEAR router vulnerability could lead to password disclosure

Threatpost reports that potentially more than one million Netgear routers contain a pair of vulnerabilities that could allow an attacker to retrieve management passwords for the devices, granting them access to the user’s network.Netgear has released updates for 20 models, and has provided a workaround for an additional dozen that will not get updates.

SHA-1 encryption end date arrives

Users will begin to see error messages in their browsers when accessing websites using insecure SHA-1 certificates, as the date for their discontinuance passes this month. Threatpost reports that many organizations have not yet switched to the more secure SHA-2 certificates, although they have known SHA-1 was being discontinued for a couple of years. Web performance and security firm Cloudflare says that as many as 10 percent of credit card payment systems, those that haven’t yet updated their systems to support SHA-2, may experience problems. Companies with internal certificates could also face security challenges, or run into issues with apps.

More than 28,000 databases in open-source Internet platform hit by attackers demanding ransom
Cisco tries to move into the digital meeting room with launch of its Spark Board
Attacks continue on MongoDB, other databases

Security expert Steve Ragan reports that publicly accessible MongoDB databases are still being erased, in a continuance of attacks that began at the beginning of the year. Over 40,000 databases have been so far affected, with the victim’s database replaced by a message demanding payment in Bitcoin. However, although the initial attacks copied the database before erasing it, today that’s not the fact. Even those paying the ransom have not recovered their data. Attackers have since widened their scope to include Elasticsearch, CouchDB, and Hadoop. Users should confirm that these databases are properly secured.

Critical flaw in Cisco Telepresence Multipoint Control Unit

Cisco has issued patches for a critical flaw in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software that could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. It affects Telepresence MCU 5300 series, Telepresence MCU MSE 8510, and Telepresence MCU 4500, running software version 4.3(1.68) or later configured for Passthrough content mode. There are no workarounds.

In addition, all versions of Cisco Expressway Series Software and Cisco TelePresence VCS Software prior to version X8.8.2are vulnerable to attacksthat could allow an unauthenticated remote attacker to cause a denial of service condition. There are no workarounds, but Cisco has released software updates to correct the problem.

AirWatch Android app and Agent patched

VMware has issued updates to its AirWatch

Inbox and Agent for Android to correct two vulnerabilities. AirWatch Agent for Android contains a vulnerability that may allow a device to bypass root detection during enrollment, and AirWatch Inbox for Android’s vulnerability may allow a rooted device to decrypt the local data used by the application. Both updates are available in the Google Play store.

OpenSSL corrects three flaws

Three flaws, two of which that could cause OpenSSL to crash, causing a denial of service, have been patched in OpenSSL, according to an  advisory.

Users of OpenSSL 1.1.0 should update to v1.1.0d, and users of version 1.0.2 should update to 1.0.2k.

Source   :  www.business.financialpost.com

Netgear router vulnerability and critical bug in Linux app: Security news IT leaders need to know


Leave a Reply