Week in review: MySQL 0-day, Stingrays, and the end of Patch Tuesday

Here’s an overview of some of last week’s most interesting news and articles:

Five ways to respond to the ransomware threat
While organizations wrestle with the ever-pressing issue of whether to pay or not to pay if they’re victimized, Logicalis US suggests CXOs focus first on how to protect, thwart and recover from a potential attack.

MySQL 0-day could lead to total system compromise
Researcher Dawid Golunski has discovered multiple severe vulnerabilities affecting the popular open source database MySQL and its forks (e.g. MariaDB, Percona). One of these – CVE-2016-6662 – can be exploited by attackers to inject malicious settings into MySQL configuration files or create new ones, allowing them to execute arbitrary code with root privileges when the MySQL service is restarted.

Organization must modify the network access policy to address IoT devices
By 2020, 21 billion Internet of Things (IoT) devices will be in use worldwide. Of these, close to 6 percent will be in use for industrial IoT applications.

US 911 emergency system can be crippled by a mobile botnet
What would it take for attackers to significantly disrupt the 911 emergency system across the US? According to researchers from Ben-Gurion University of the Negev’s Cyber-Security Research Center, as little as 200,000 compromised mobile phones located throughout the country.

Microsoft ends Tuesday patches
In the future, patches will be bundled together and users will no longer be able to pick and choose which updates to install.

Artificial intelligence in cybersecurity: Snake oil or salvation?
Machine learning is the science of enabling computers to learn and take action without being explicitly programmed. What has this to do with information security? Currently, not that much. But this is set to change.

DDoS and web application attacks keep escalating
Akamai Technologies released its Second Quarter, 2016 State of the Internet / Security Report, which highlights the cloud security landscape, specifically trends with DDoS and web application attacks, as well as malicious traffic from bots.

DDoS downtime calculator based on real-world information
Are you wondering how you can assess the risks associated with a DDoS attack? Incapsula’s free DDoS Downtime Calculator offers case-specific information adjusted to the realities of your organization.

ICS-CERT warns of remotely exploitable power meter flaws
Two remotely exploitable vulnerabilities, one of which can lead to remote code execution, have been found in Schneider Electric’s ION Power Meter products and FENIKS PRO Elnet Energy Meters.

Improve SecOps by making collaboration easier
Ensuring smooth collaboration and sharing between SOC analysts, incident responders, and endpoint and network administrators has its challenges.

Bogus Pokémon GO guide app roots Android devices
The popularity of Pokémon GO is apparently on the wane, but there are still more than enough players to make it a good lure for cyber crooks. In fact, fake apps like the “Guide For Pokémon Go New” recently spotted on Google Play can end up being downloaded by as many as half a million users.

What proposed Rule 41 changes mean for your privacy
Last week, US Senator Ron Wyden took the floor of the Senate to explain why his (and his colleagues’) Stopping Mass Hacking Act should be voted in.

Android apps based on Adobe AIR SDK send out unencrypted data
Developers using the Adobe AIR SDK should update to the latest version of the software development kit and rebuild the apps as soon as possible if they don’t want their users’ traffic to be exposed to attackers.

Hack a Nexus from afar, get $200,000
Google has issued a challenge to bug hunters around the world: find a vulnerability or bug chain that achieves remote code execution on multiple Android devices knowing only the devices’ phone number and email address, and you’ll be handsomely rewarded.

Cyberattacks cost SMBs an average of $86,500
On average, a single cybersecurity incident now costs large businesses a total of $861,000. Meanwhile, SMBs pay an average of $86,500.

6.6 million ClixSense users exposed in wake of site, company hack
If you’ve ever registered with ClixSense – and millions have – you can consider all your personal information shared with the service compromised.

IoT Village uncovers 47 security vulnerabilities across 23 devices
New dangers in both home security and municipal power facilities were revealed as the results of the 2nd Annual IoT Village, held at DEF CON 24 in Las Vegas. More than 47 new vulnerabilities were discovered across 23 different devices from 21 brand name manufacturers.

Ransomware usage explodes, as app, browser and plug-in vulnerabilities increase
Bromium conducted research on cyber attacks and threats affecting enterprise security over the last six months. The good news is that, while the number of vulnerabilities is steadily increasing, not all exploitable vulnerabilities are actually exploited. The bad news is that criminals are working harder to get protected data.

Stingray use lacks transparency and meaningful oversight
Cell-site simulators – aka Stingrays, aka IMSI catchers – are widely used by US law enforcement, usually without the warrant that this type of surveillance should require.

PCI Council wants more robust security controls for payment devices
The PCI Council has updated its payment device standard to enable stronger protections for cardholder data, which includes the PIN and the cardholder data (on magnetic stripe or the chip of an EMV card) stored on the card or on a mobile device.

Consumers harassed by 30 million spam calls every day
Consumers are giving up twice as much sensitive data as in the previous year.
