Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On May 26, 2015

May 20, Softpedia – (International) TLS protocol flawed, HTTPS connections susceptible to FREAK-like attack. Cryptography and security researchers discovered that approximately 8.4 percent of the top one million domains containing mail and web servers are vulnerable to an attack dubbed Logjam, in which an attacker could compromise secure communication between a client and server by downgrading the transport layer security (TLS) connection to 512-bit export-grade cryptography. The downgrade is possible because of leftover variants of the Diffie-Hellman cryptographic key exchange mechanism from the 1990s. The attack method is similar to the one used in the Factoring RSA Export Keys (FREAK) attacks from early 2015. Source

May 20, Securityweek – (International) Millions of routers vulnerable to attacks due to NetUSB bug. Security researchers at SEC Consult discovered a kernel stack buffer overflow vulnerability in NetUSB drivers developed by Taiwan-based KCodes, in which an unauthenticated attacker can execute arbitrary code or cause a denial-of-service (DoS) condition by specifying a computer name longer than 64 characters when the client connects to the server. The driver is found in millions of routers from vendors including Netgear, TP-Link, ZyXEL, and TRENDnet. Source

May 19, Threatpost – (International) Google fixes sandbox escape in Chrome. Google patched 37 bugs in Chrome version 43, including 6 high-risk sandbox-escape, cross-origin bypass, and use-after-free vulnerabilities discovered by various security researchers. Source

May 19, Threatpost – (International) Malvertising leads to Magnitude exploit kit, ransomware infection. Security researchers at Zscaler discovered that attackers are using malicious ads and 302 cushioning attacks to direct users to sites hosting the Magnitude exploit kit (EK), which in turn infects users with CryptoWall ransomware. The researchers reported that most of the threat infrastructure for these attacks is housed in Germany. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.