Archive for the ‘Uncategorized’ Category

SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit

Assessments can be used against your company in court proceedings. Here’s how to mitigate this potential risk.
Source: DarkReading
SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit

10 Security 'Chestnuts' We Should Roast Over the Open Fire

These outdated security rules we all know (and maybe live by) no longer apply.
Source: DarkReading
10 Security ‘Chestnuts’ We Should Roast Over the Open Fire

US Family Loses Life Savings in Money Mule Email Scam

US Family Loses Life Savings in Money Mule Email Scam

The Federal Bureau of Investigation has issued a warning after a family from Oregon lost their life savings in a business email compromise scam involving money mules.



Aaron Cole and his wife decided to move into a bigger house after welcoming two children into their family. The couple sold their existing home, and the title company told them they would be in touch soon with instructions for making the down payment on their new house. 



Aaron’s wife received an email on December 4, 2018, from what appeared to be the title company and sent $122,850 to the account number provided in the message. A few days later, Aaron received a phone call from the title company to inform him it was time to wire the down payment.



An FBI spokesperson said: “The Coles had been the victims of a business email compromise scam and had wired their money to a criminal who had spoofed the title company’s email address and sent them fake wire instructions. Their down payment had been funneled into one account and then broken up and sent to four other banks.”



After falling victim to the scam, the Cole family was left in a situation where they couldn’t make the down payment on their new house and had fewer than three weeks to vacate their current home. 



“When this happened, I couldn’t come up with the words to tell my wife,” said Aaron Cole.



“The equity in the house was our way to move forward. I put myself back 15 years.”



Generously, the title company stepped in and offered to cover their down payment in exchange for the Cole family’s help in highlighting the problem of business email compromise. 



Last year, the FBI’s Internet Crime Complaint Center (IC3) received more than 20,000 complaints from victims of business email compromise alone. These victims reported losses of more than $1.2bn. 



The cyber-criminals who stole from the Coles were assisted by the actions of money mules—people who knowingly or unwittingly transfer funds on behalf of, or at the direction of, someone else. 



Yesterday the FBI issued an advisory to the general public to be wary of any unsolicited emails or other communications containing a job offer promising easy money or a request to open a bank account in another person’s name or in the name of a business created by someone else. 



Extreme caution was also advised to anyone who receives an electronic request for money from a loved one.


Source: Infosecurity
US Family Loses Life Savings in Money Mule Email Scam

CVE-2019-5098

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.
Source: NIST
CVE-2019-5098

CVE-2019-17388

Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications.
Source: NIST
CVE-2019-17388

CVE-2019-17387

An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS.
Source: NIST
CVE-2019-17387

CVE-2012-1104

A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed.
Source: NIST
CVE-2012-1104

CVE-2019-19546

Norton Password Manager, prior to 6.6.2.5, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
Source: NIST
CVE-2019-19546

CVE-2019-18381

Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.
Source: NIST
CVE-2019-18381

CVE-2019-19545

Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cross origin resource sharing (CORS) vulnerability, which is a type of issue that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.
Source: NIST
CVE-2019-19545