Hackers Leak Swedish Security Firm's Data

A Swedish security firm that suffered a cyber-attack is warning customers that their data has been leaked online.

Malicious hackers compromised the servers of Gunnebo in August 2020 in a highly organized attack that was reported to the Swedish Security Service, Säpo.

Gunnebo’s CEO, Stefan Syrén, said hackers uploaded 38,000 files to a public server after management refused to give in to demands for a ransom.

On Tuesday, Swedish daily newspaper Dagens Nyheter (DN) reported that large amounts of sensitive data belonging to Gunnebo customers had been released on the dark web.

News service Reuters reported that three security experts had confirmed an 18-gigabyte file containing Gunnebo customer data was available for download.

Data breached in the leak included security arrangements for the Swedish parliament, alarm systems, and detailed floor plans for bank vaults in at least two German banks.

Other data exposed by the hackers included documents containing information on alarm systems and surveillance cameras in use at a branch of the SEB bank in Sweden.

“Of course, we have been aware that files that originate from us are available on Darknet, and we naturally regret that this is the case,” said Syrén in a statement yesterday. “Unfortunately, this is exactly how computer criminals work.”

“Therefore, I would like to emphasize that it has never been an alternative for Gunnebo to pay a ransom to have the files deleted. The only way to curb this kind of crime is that the affected organizations do not fall short and pay out ransoms.”

Gunnebo is a multinational company headquartered in Gothenburg, Sweden, that counts airports, nuclear power plants, banks, and hospitals among its clients. The company specializes in security products, services, and solutions mainly in the areas of cash management, entrance control, safe storage, and integrated security.

In a statement released just after the attack occurred, Syrén said: “We can only speculate on what the target of the attack was, but as we cannot rule out that it was an attempt at industrial espionage, it has been important to follow the regulations and we have therefore decided to inform Säpo.”

Source: Infosecurity

Joint Network Established to Combat E-Commerce Fraud

Forter has announced a new collaboration with e-commerce platform FreedomPay in a bid to combat growing levels of fraud as well as reduce false decline rates.

The partnership represents the first joint network for online merchants and banks to instantly block fraud attempts and allow legitimate customers to operate freely.

Online shopping has grown substantially during the COVID-19 pandemic following the closure of shops and with people being forced to spend more time indoors. This has led to fraudsters increasingly moving online to take advantage of this shift in consumer behavior.

Forter said that online transaction volumes for new users had more than doubled since the start of the crisis, and this has led to much higher false decline rates, as these customers are five to seven times more likely to be declined due to a lack of data in legacy fraud prevention systems. This can damage customer experiences, leading to lost revenue for retailers.

The new partnership seeks to overcome the problem that the multiple players involved in each online transaction, e.g. the online merchant, the credit card issuer and the bank, use different fraud solutions. It is hoped Forter and FreedomPay’s global network will allow merchants to confidently accept users they have never seen before.

Forter added that the fraud prevention capabilities available from the network meet regional and country-specific compliance requirements for merchants, including 3-D Secure and other SCA methods for PSD2.

Liron Damri, co-founder and president of Forter, commented: “Our coalition of merchants, payment providers and banks fighting fraud together is a huge step forward in global fraud prevention. With over $200bn in online transactions and over 800 million trusted users, we enable our coalition members to be way more effective in fighting fraud and growing the business with confidence.

“Partnering with an industry leading payment organization, like FreedomPay, allows us to provide its merchants with the most optimal user experience and with a trusted environment that allows them to grow with confidence.”

Source: Infosecurity

CVE-2020-27978

Shibboleth Identity Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session.
Source: NIST

CVE-2020-27974

NeoPost Mail Accounting Software Pro 5.0.6 allows php/Commun/FUS_SCM_BlockStart.php?code= XSS.
Source: NIST

CVE-2020-27975

osCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php CSRF.
Source: NIST

CVE-2020-27976

osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option.
Source: NIST

SHe CISO Exec. to Host Second Virtual Cybersecurity Boot Camp This Year

SHe CISO Exec. has announced that it is hosting its boot camp on cybersecurity and leadership virtually for the second time this year, taking place December 7-11, 2020.

The SHe CISO Exec. team has elected to lay on the extra program in light of the socio-economic damage caused by the COVID-19 pandemic, which has heightened the need for young people to learn skills for employment. Its giveback training and mentoring platform aims to help develop a new generation of diverse and emotionally intelligent cybersecurity leaders in the face of the growing threat of cybercrime.

Over the five-day course, qualified and internationally recognized industry leaders will provide participants with insights into security domains and industry best practices, as well as outline ethical leadership and self-development skills to enable them to reach their full potential.

Applicants who demonstrate their eligibility will be offered up to 100% scholarships to attend the virtual boot camp.

The announcement has come amid the ongoing global cybersecurity skills shortage, and SHe CISO Exec. believes its program can help bridge the gaps and enable CISOs to identify the right security talent. It added that companies can also reduce their recruitment costs by upskilling existing security staff through sponsoring them on the course.

SHe CISO Exec. commented: “The five-day boot camp offers its participants an engaging learning experience capturing the quintessential blend of information security training, leadership skill development, speed mentoring, coaching, networking opportunities and much more. The program has been receiving great feedback from the participants so far and will continue to create value for the participants and the industry.”

Founder of the program Chani Simms, who is also managing director of Meta Defence Labs UK and Sri Lanka, said: “I founded SHe CISO Exec. to focus on bridging the skill, diversity and leadership gaps in the cybersecurity industry to create emotionally intelligent cybersecurity leaders. This is my give back to the community and what I would give my younger self.”

Those interested in applying for December’s boot camp can do so via the SHe CISO Exec. website.

Source: Infosecurity

CVE-2020-22552

The Snap7 server component in version 1.4.1 crashes when an attacker sends a crafted packet with the COTP last-data-unit flag set to No and an S7 Write Var function.
Source: NIST

CVE-2020-24303

Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
Source: NIST

Physical Security Has a Lot of Catching Up to Do

The transformation we need: merging the network operations center with the physical security operations center.
Source: DarkReading