December 7, Softpedia – (International) Trifecta of security bugs affecting Dell, Lenovo, and Toshiba products. Security researchers from LizardHQ reported that three major security vulnerabilities were affecting current and older versions of computer products including Dell System Detect, Lenovo’s Solution Center, and Toshiba Service Station. The flaws allow attackers to abuse an application program interface (API) to bypass the Windows User Account Control limitations on Dell products, to run malicious code and escalate privileges to administrative rights on Lenovo products, and to read parts of the Windows registry as a SYSTEM-level user on Toshiba products. The companies released recommendations on how to fix the vulnerabilities. Source
December 7, Help Net Security – (International) Microsoft warns of imminent end of support for all but the latest Internet Explorer versions. Microsoft reported that the company will no longer provide security updates, non-security updates, online content updates, or technical support for older versions of its web browser, Internet Explorer, in an attempt to encourage users to upgrade from Internet Explorer 11 to Microsoft Edge and Windows 10. Source
December 7, SecurityWeek – (International) Serious flaws found in Honeywell gas detectors. Honeywell released firmware updates to its Midas gas detectors after a security researcher discovered that Midas gas detectors running firmware versions 1.13b1 and older, and Midas Black products running firmware versions 2.13b1 and older, were susceptible to a path traversal flaw and a clear text flaw that can be exploited remotely by an attacker with low skill by typing a targeted Uniform Resource Locator (URL) into the device to bypass authentication procedures. Source
December 7, SecurityWeek – (International) Russian cyberspies use updated arsenal to attack defense contractors. Researchers from Kaspersky Lab reported that the Russian-linked cyber espionage group Pawn Storm, which targets international military, media, defense, and government organizations, has updated its data theft tools and is utilizing a new version of the AZZY trojan, which is being delivered by another piece of malware instead of a zero-day exploit. The new AZZY backdoor also uses an external library for command and control (C&C) communications. Source
December 4, SecurityWeek – (International) International operation disrupts Dorkbot botnet. Global law enforcement agencies have partnered with Microsoft, ESET, and CERT Polska to disrupt the Dorkbot botnet, dubbed Nrgbot, after the malware spread through multiple channels, including Universal Serial Bus (USB) flash drives, instant messaging programs, social network sites, exploit kits (EK), and spam emails, affecting over a million computers in 190 countries. Researchers advised users to keep their antivirus programs updated at all times to ensure proper protection from the malware, which steals personal information and credentials and distributes other forms of malware. Source