Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On October 15, 2015

October 14, Securityweek – (International) Authorities seize servers to disrupt Dridex botnet. U.S. and European authorities worked with private cybersecurity organizations to disrupt the activities of the Dridex information-stealing botnet by poisoning the peer-to-peer (P2P) network of each sub-botnet, redirecting infected systems’ communications from the botnet to a sinkhole. The botnet resulted in estimated losses of $10 million in the U.S., and authorities are seeking to extradite one of its administrators who was arrested in Cyprus in August. Source

October 14, Securityweek – (International) Chrome 46 patches vulnerabilities, simplifies page security icon. Google announced the release of version 46 of its Chrome Web browser, which addresses 24 security vulnerabilities including a cross-origin bypass in the Blink rendering engine, a use-after-free in PDFium and ServiceWorker, and a bad cast issue in PDFium, among others. The update also changed the icon used for Hypertext Transfer Protocol Secure (HTTPS) connections. Source

October 14, Securityweek – (International) Microsoft patches critical flaws in Windows, Internet Explorer. Microsoft released 6 security bulletins addressing over 30 vulnerabilities, including 14 memory corruption, privilege escalation, information disclosure, VBScript and JavaScript address space layout randomization (ASLR) bypass, and remote code execution flaws in Internet Explorer, as well as other ASLR bypass and remote code execution vulnerabilities in Windows, among other fixes for Edge, Office, and the Windows kernel. Source

October 14, Softpedia – (International) Adobe Flash Player zero-days used by hackers linked to Russian government. Security researchers from Trend Micro warned that attackers in the Operation Pawn Storm cyber-espionage campaign are exploiting unpatched zero-day vulnerabilities in Adobe Flash Player in an effort to trick members of overseas government departments and ministries into accessing Web sites hosting malicious code. The group previously targeted high-profile government targets worldwide, as well as the North Atlantic Treaty Organization (NATO) and the U.S. White House. Source

October 13, Securityweek – (International) Adobe patches many flaws in Flash Player, Acrobat, Reader. Adobe released updates addressing 56 vulnerabilities in Adobe Acrobat Reader, many of which involve bypassing restrictions on JavaScript Application Program Interface (API) execution and bypass vulnerabilities that could lead to information disclosure, memory leak issues, and memory corruption bugs, resulting in remote code execution, as well as 13 use-after-free, buffer overflow, memory corruption, and same-origin-policy (SOP) flaws in Flash Player, among other fixes for Edge, Office, and the Windows kernel. Source

October 13, Threatpost – (International) Netgear publishes patched firmware for routers under attack. Netgear published firmware updates addressing a remotely exploitable authentication bypass vulnerability that hackers had exploited to take over up to 10,000 routers, most of which were in the U.S. The flaw allowed an attacker to access the device’s administration interface without knowing the router password. Source

October 13, Nextgov – (National) IRS can’t update woefully out-of-date Windows servers because it can’t find some of them. The Treasury Inspector General for Tax Administration at the U.S. Department of the Treasury released a report which found that the Internal Revenue Service was unable to locate 1,300 workstations during its attempt to update its Microsoft software from Windows XP to Windows 7. The report also determined that the bureau had several thousand servers still running Windows Server 2003 and lacked proper oversight, among other security risks. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.