January 6, SecurityWeek – (International) Linode resets user passwords after breach. Linode reported that it reset customers’ Linode Manager passwords after the company discovered that a massive distributed denial-of-service (DDoS) attack was launched on its website, data centers, and Domain Name System (DNS) infrastructure, in addition to multiple volumetric attacks that targeted its authoritative nameservers and public websites, which may have compromised user credentials from the company’s database. The exposed database included usernames, email addresses, password hashes, and encrypted two-factor authentication seeds.
January 6, SecurityWeek – (International) Researchers publish default passwords for ICS products. SCADA StrangeLove research team released a list of default credentials for industrial control system (ICS) products from various vendors including industrial routers, programmable logic controllers (PLC), and wireless gateways, among other products, to reveal that default passwords can pose a serious vulnerability for systems if remotely accessed. The team reported that vendors should implement proper security controls such as establishing password strength policies and forcing users to change passwords on the first login.
January 6, SecurityWeek – (International) Vulnerability exposed Blackphone to complete takeover. Silent Circle released updates for its privacy-focused Blackphone 1 mobile device that patched several security flaws, including a modem vulnerability that attackers can exploit to take control of the device’s functions. The flaw involves an open-access socket that interacts with agps_daemon, an NVIDIA Icera modem binary with elevated privileges, which communicates directly with the Blackphone modem and records anything it receives to the ttySHM3 port. Attackers with shell user privileges could send commands to the modem to exploit the flaw.
January 5, Softpedia – (International) Author of Linux.Encoder fails for the third time, ransomware is still decryptable. Researchers from Bitdefender reported that a Linux.Encoder decryption tool was available for free following the discovery of a third version of the Linux.Encoder malware which has infected about 600 servers. The ransomware targets web servers and looks to encrypt files used in web hosting and web development environments.
January 6, Help Net Security – (International) Flaw in Comcast’s home security system lets burglars in without triggering alarm. A researcher at Rapid7 discovered a critical flaw in the Comcast XFINITY Home Security system that can allow burglars to enter homes without triggering the alarm by causing interference or deauthentication to the ZigBee-based communications protocol via commodity radio jamming equipment and software-based deauthentication attacks on the protocol itself. There are currently no patches for the flaw.