Welcome to our weekly update blog on key security news and issues observed last week.
Colonial Pipeline Ransomware Attack
Colonial Pipeline, the operator of a major pipeline system that transports fuel from Texas to the East Coast, said Saturday it had been victimized by a ransomware attack and had halted all pipeline operations to deal with the attack. At the time of this report, the company was still battling to re-open a pipeline that distributes 100 million gallons of fuel each day. This attack may have far-reaching consequences, as a Russian cybercriminal gang is suspected to be involved.
Close to 80% of Net Neutrality Comments to FCC were Fake
New York Attorney General Letitia James, on the 6th of May, released a report detailing the results of investigations into fake comments submitted to the Federal Communications Commission (FCC) in 2017. Net neutrality prohibits broadband providers from blocking, slowing down, or charging companies to prioritize certain content on the internet. This investigation uncovered widespread fraud, as well as abusive practices used to sway government policy.
Peloton API Leaking End User’s Private Information
Home exercise giant Peloton made news for all the wrong reasons. Security researcher Jan Masters from Pen Test Partners discovered that a bug allowed scraping of users’ personal information from the Peloton servers irrespective of the privacy settings. Peloton decided to voluntarily recall two of its models. After the news, the stock of Peloton was down close to $13, at a value of $83.50. It’s another example of the kind of damage a single open vulnerability may cause.
Exim Mail Server Security Vulnerabilities
Qualys identified multiple critical security vulnerabilities in Exim, a leading Linux MTA. Some of them can be chained to obtain full remote unauthenticated code execution and gain root privileges. Millions of Exim servers are known to be exposed to the internet. Exim responded promptly with a security update to address multiple vulnerabilities in Exim versions prior to 4.94.2.
Dell Released Security Update for High Severity Flaws
SentinelLabs reported on Tuesday (4th of May) that it had discovered five high severity flaws in Dell’s firmware update driver, impacting Dell desktops, laptops, notebooks and tablets. Hundreds of millions of Windows devices worldwide contain the vulnerable driver. The findings were proactively reported to Dell on Dec 1, 2020 and are tracked as CVE-2021-21551, marked with CVSS Score 8.8. Dell has released a security update to its customers to address this vulnerability.
Pulse Secure Fixes Zero-Day Vulnerabilities
Pulse Secure has released a fix for a critical zero-day vulnerability in its Connect Secure VPN devices. The vulnerability was known to be exploited widely by nation-state actors to launch cyberattacks against U.S. government and defense establishments.
Make sure to keep all your devices updated to the latest firmware and OS versions possible and keep watching for the watchers.