Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On August 18, 2016

August 12, Softpedia – (International) Locky ransomware uses vulnerable PHP forms for spam distribution. Researchers from Cisco’s OpenDNS team discovered that the group behind the Locky ransomware is leveraging security flaws in a PHP: Hypertext Preprocessor (PHP)-based Web-to-email service. A vulnerability in a PHP contact form script allows the cybercriminals to brute-force the Web form and make it send a message with the Locky payload attached to any email address. Researchers advised users to update their PHP Web-to-email form to the latest version to fix the problem. Source

August 12, SecurityWeek – (International) Microsoft patches flaw related to “malicious butler” attack. Microsoft released a patch addressing a serious Windows authentication bypass vulnerability, dubbed a “remote malicious butler” attack after researchers discovered the flaw can be leveraged remotely to bypass authentication on the Windows login screen. The researchers also found that in a patched version of Windows, a device’s password could be changed if the rogue domain controller was disconnected in the middle of the password reset process. Researchers stated the patch addresses both the local evil maid attack and the remote butler version of the attack. Source

August 11, Help Net Security – (International) Hundreds of millions of cars can be easily unlocked by attackers. Security researchers discovered two remote system attacks capable of unlocking millions of cars. One attack targets Volkswagen Group cars and involves recovering the cryptographic algorithms and keys from electronic control units, which allows an attacker to clone the signal to open the vehicle. The other attack exploits the cryptographically weak cipher in the Hitag2 rolling code scheme used by manufacturers like Chevrolet and Ford, among others, to unlock the vehicle. Source

Above Reprinted from the USDHS Daily Open Source Infrastructure Report

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.