Nightfall InfoSec Round-up: November 8 to November 18
Cyber Attacks & Breaches
Retailer Orvis.com Leaked Hundreds of Internal Passwords (Krebs on Security) November 11th
Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers.
Magento Urges Users to Apply Security Update for RCE Bug (Bleeping Computer) November 11th
Magento’s Security Team urged users to install the latest released security update to protect their stores from exploitation attempts trying to abuse a recently reported remote code execution (RCE) vulnerability.
Intel Failed to Fix a Hackable Chip Flaw Despite a Year of Warnings (Wired) November 12th
Researchers revealed new versions of a hacking technique that takes advantage of a deep-seated vulnerability in Intel chips. They’re spins on something known as ZombieLoad or RIDL, an acronym for Rogue In-Flight Data Load; Intel refers to it instead as microarchitectural data sampling, or MDS.
VMware patches five security vulnerabilities (SC Magazine) November 13th
VMware pushed out security updates covering five vulnerabilities that, if exploited, could lead to information disclosure or a denial-of-service situation.
McAfee antivirus software impacted by code execution vulnerability (ZDNet) November 13th
On Tuesday, the SafeBreach Labs cybersecurity team said that CVE-2019-3648 can be used to bypass McAfee’s self-defense mechanisms, potentially leading to further attacks on a compromised system. The vulnerability exists due to a failure to validate whether the DLLs being loaded have been signed.
Code Execution Vulnerability Found In Symantec Endpoint Protection (Symantec) November 18th
The Symantec Endpoint Protection Local Privilege Escalation (LPE) bug now tracked as CVE-2019-12758 requires potential attackers to have Administrator privileges to successfully exploit the issue. While the threat level of this vulnerability is not immediately apparent, such bugs are commonly rated with medium and high severity CVSS 3.x base scores.
Risks & Warnings
Researchers Find New Approach to Attacking Cloud Infrastructure (Dark Reading) November 11th
A new attack vector exists in cloud providers’ application programming interfaces (API), which are accessible through the Internet and give adversaries an opportunity to take advantage and gain highly privileged access to critical assets in the cloud.
5G has security flaws that could let hackers track your location (MIT Technology Review) November 13th
Security researchers have identified 11 design vulnerabilities with 5G protocols that could expose a user’s location, spoof emergency alerts, track phone activity (calls, texts, or web browsing), or silently disconnect the phone from the network altogether.
Passwords should become a thing of the past. Here’s why (World Economic Forum) November 18th
Over the past decade, the average person’s digital footprint has been exposed to increasing numbers of third parties. Now the average consumer manages over 191 pairs of usernames and passwords.