The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
Internet Cameras Showcase Major Security Flaws
Researchers recently discovered as many as 18 different vulnerabilities with Foscam cameras. Among the exploits are several methods of gaining remote access to the cameras, as well as viewing active feeds, and searching through locally stored files. Although the researchers reported these issues months ago, the manufacturer has not yet addressed the issues. Unfortunately for consumers, Foscam makes devices for at least 14 different brands, all of which come with the same security risks.
EternalBlue Exploit Port to Windows 10
The notorious EternalBlue exploit, which was used in the WannaCry attacks, has been ported to Windows 10, which means all current versions of Windows are susceptible to the exploit, if not properly patched. In addition to the port, another exploit module was created, which slims down network traffic and allows the infection to remain undetected by current detection criteria. While researchers are still learning and understanding the full capabilities of EternalBlue, it has also opened the door for less skilled hackers to modify the otherwise well-written exploit for their own purposes.
Car Owner Database Publicly Available
In the last week, researchers found a publicly-facing database containing the customer and vehicle information for nearly 10 million cars in the US. The database, which had been actively available for around four months, has no known owner, though several dealerships named in the database have been contacted with inquiries. Unauthorized access to the information could give criminals more than enough information to have extra keys made for the vehicles, and could even lead to identity theft issues.
Turla Hacking Group Changing Methods of Attack
The cybercriminal group Turla has executed numerous cyberattacks on major corporations and government agencies over the last few years. Now, however, they’ve switched their focus to individual attacks, typically using Firefox browser extensions to create backdoors into personal systems. The attacks are coordinated by placing comments on highly-trafficked Instagram pages and pictures. The browser extension hashes the comment values until the malicious hash is discovered, at which point it contacts a C&C server for instructions. Fortunately for many social media users, the APIs used to create the malicious extension will be phased out in future versions of Firefox.
Edmodo Data Breach Confirmed
Officials at Edmodo, an education technology company that works with K-12 schools and teachers, have been working to discover the source of a breach that affects over 77 million individual accounts. The majority of affected users were children who used various Edmodo programs for school, as well as educators across the country. Although the freshness of the data would indicate that the breach occurred very recently, and Edmodo did attempt to notify its users quickly, not all users received word that their accounts had been breached. Thankfully, the company used strong encryptions to protect passwords, so it’s unlikely that attackers will invest the time and effort necessary to decrypt them to access accounts.