May 11, SecurityWeek – (International) Wi-Fi flaw exposes Android devices to attacks. Google and the developers of Wi-Fi Protected Access (WPA) supplicant patched a high severity privilege escalation flaw that is used in the Android operating system (OS) and several other products after SEARCH-LAB researchers determined that the vulnerability can be exploited to write arbitrary values in the wpa_supplicant configuration file, allowing an attacker to execute arbitrary code with elevated privileges or disrupt the device’s Wi-Fi functionality. The weakness is exploited through a Wi-Fi Protected Setup (WPS) attack or the wpa_supplicant control interface. Source
May 11, SecurityWeek – (International) Microsoft patches flaws exploited in targeted attacks. Microsoft released 16 security bulletins patching over 30 flaws exploited via Internet Explorer, Windows, and Office which address JavaScript and Visual Basic Scripting Edition (VBScript) zero-days, several remote code execution (RCE) vulnerabilities in Edge running on Windows 10, and a Transport Layer Security (TLS) vulnerability, among others. Source
May 10, SecurityWeek – (International) Syrian Electronic Army hacker extradited to U.S. A suspected member of the Syrian Electronic Army hacktivist group was extradited from Germany to the U.S. to face charges that he and two other alleged members took part in a criminal conspiracy related to their campaign which involved targeting and hacking into the systems of government organizations, media companies, and other private-sector entities. Source
May 10, Network World – (International) DHS moves to bolster intrusion/detection for Federal networks. DHS released its Privacy Impact Assessment and announced the addition of a new intrusion prevention security service to its National Cybersecurity Protection System (NCPS) dubbed Einstein 3A which is a Web Content Filtering system that provides protection at the application layer for Web traffic by blocking access to suspicious sites, and works to prevent, detect, and block malware from running on systems and networks. Source
May 10, Threatpost – (International) Adobe warns of Flash zero day, patches Acrobat, Reader. Adobe issued 95 fixes for Acrobat, Reader, and ColdFusion addressing use-after-free vulnerabilities, memory corruption flaws that could lead to code execution, heap buffer overflow vulnerabilities, and several other flaws that could result in information disclosure or memory leak. A patch for a zero day vulnerability in Flash Player which could cause a crash and allow an attacker to take control of the system is expected to be released the week of May 9. Source
Reprinted from the USDHS Daily Open Source Infrastructure Report