Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On May 26, 2015

May 22, Softpedia – (International) Apache Hive infrastructures vulnerable to authentication flaw in HiveServer2. Apache reported a vulnerability in all versions of its HiveServer2 interface for the Apache Hive enterprise data warehouse infrastructure through which users without proper credentials could gain access by exploiting a flaw in the Lightweight Directory Access Protocol (LDAP) authentication mode. The company recommended that users update to the newest version or disable unauthenticated binds in the LDAP service. Source

May 22, Securityweek – (International) Flawed Android factory reset allows recovery of sensitive data: researchers. Security researchers at the University of Cambridge discovered that up to 500 million Android devices may not properly sanitize data partitions containing credentials and other personal data when users utilize the “factory reset” feature. Source

May 22, Help Net Security – (International) mSpy finally admits they’ve been hacked. Officials from mSpy announced that their servers had been breached, and that data from 80,000 customers could have been stolen and leaked on the Dark Web. The software is intended for legal monitoring of individuals’ online and phone activity. Source

May 21, Securityweek – (International) Hundreds of cloud services potentially vulnerable to Logjam attacks: Skyhigh. Skyhigh’s Service Intelligence Team found that 575 cloud services were potentially vulnerable to attacks following the discovery of the transport layer security (TLS) vulnerability dubbed Logjam, which affects a number of cloud services. The vulnerability results from the way the Diffie-Hellman (DHE) key exchange is deployed, and can be exploited by a man-in-the-middle (MitM) attacker to downgrade TLS connections in order to gain access to the data. Source

May 20, Softpedia – (International) Amount of new malware strains more than doubled in second half of 2014. G Data researchers found that in the second half of 2014, hackers increased their malware threats as the amount of new strains grew to 125 percent, with the most prevalent being adware variants, which accounted for 31.4 percent of all threats. Researchers also determined that Vawtrak was the predominant banking trojan and focused on targets in the U.S., U.K., and Canada, in addition to new targets in France and Russia. Source

May 20, SC Magazine – (International) DDoS attacks increase and methods changed in Q1 2015, report says. Akamai released its Q1 2015 State of the Internet Report, which found that hackers are using lower bandwidth distributed denial of service (DDoS) attacks that occur more frequently and last longer, and that Simple Service Discovery Protocol (SSDP) attacks accounted for 20 percent of attack vectors. The report also found that the gaming industry was the most targeted industry, accounting for 35 percent of all attacks, and that more than 50 percent of all DDoS attacks targeted China, Germany, and the U.S. Source

May 20, Securityweek – (International) Apple fixes security bugs with first update for Watch OS. Apple released update 1.0.1 patching 13 vulnerabilities for its Watch operating system (OS), the iOS-based operating system that runs on the Apple Watch, addressing components including Secure Transport, the kernel, the Foundation framework, FontParser, IOHIDFamily, and IOAcceleratorFamily. The update also addresses the factoring RSA export key (FREAK) vulnerability, which allows a man-in-the-middle (MitM) attacker to access encrypted data. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.