AWS's cloud business keeps running strong in the market. Amazon S3, or Amazon Simple Storage Service, is a "simple storage service" offered by Amazon Web Services (AWS) that provides object storage through a web service interface.
S3 buckets can be configured with public access. But S3 looks like a burden on AWS's reputation, since access permissions are set up on a do-it-yourself basis.
So AWS customers must verify the access permissions themselves, so that they match the access permission policy of their business functions.
However, if a customer sets up the service with mistaken permissions, it jeopardizes AWS's reputation as well.
Alteryx S3 leak leaves 123m American households exposed – Dec 19, 2017
Open AWS S3 bucket exposes private info on thousands of Fedex customers – Feb 15, 2018
Sensitive medical records on AWS bucket found to be publicly accessible – Jan 22, 2018
Domain name registrar was exposed online (31,000 GoDaddy servers) – Aug 2018
How to avoid?
Hints can be found in the following document (Identifying Public Buckets Using Bucket Permissions Check).
All SWIFT users must comply with the mandatory security controls by the end of 2018.
Introduction of new controls or guidelines will take account of strong cybersecurity practices that address the currently known new and arising threats in order to pragmatically raise the security bar.
Mandatory Security Controls
1. Restrict Internet Access and Protect Critical Systems from General IT Environment
2. Reduce Attack Surface and Vulnerabilities
3. Physically Secure the Environment
4. Prevent Compromise of Credentials
5. Manage Identities and Segregate Privileges
6. Detect Anomalous Activity to Systems or Transaction Records
7. Plan for Incident Response and Information Sharing
The SWIFT system is being enhanced continuously. But do you think such a continuous program will effectively prevent cyber security attacks? Take the Bangladesh heist, for instance.
It is hard to tell at the moment what the next cyber attack challenge will be. Let's keep our eyes open. Stay tuned!
Bank Negara Malaysia (Bank) detected and foiled a cybersecurity incident involving attempted unauthorized fund transfers using falsified SWIFT messages.
The technical details issued on Patch Tuesday do not describe the issue explicitly (see below).
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. This vulnerability could also be exploited through Microsoft Edge via specially crafted web sites or advertisements.
Remark: The push() method adds one or more elements to the end of an array and returns the new length of the array.
Integrated Windows Authentication utilizes Negotiate/Kerberos or NTLM to authenticate users based on an encrypted ticket/message passed between a browser and a server. This is the standard authentication algorithm for Microsoft products.
Hackers steal NTLM credentials via PDF files. They exploit NTLM hash leaks to steal a Windows user's NTLM hashes.
Updates for Photoshop CC for Windows and macOS
Security updates for Adobe Acrobat and Reader for Windows
Security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS
Known technical concerns:
Node.js has a set of built-in modules which you can use without any further installation.
So, in certain circumstances, this raises security concerns.
Known vulnerable modules:
Prototype Pollution Vulnerability in cached-path-relative Package
[tianma-static] Stored xss on filename
[takeapeek] Path traversal allow to expose directory and files
SIPROTEC and SICAM – Siemens products and solutions for protection engineering, station automation, power quality, and measurement – can be connected directly and easily to MindSphere and other cloud-based platforms.
What is MindSphere?
MindSphere is an open cloud platform or “IoT operating system” developed by Siemens for applications in the context of the Internet of Things. MindSphere stores operational data and makes it accessible through digital applications to allow industrial customers to make decisions based on valuable factual information.
SICAM Q200 V2.40 firmware released with security-relevant updates
SICAM Q100 V1.30 firmware released with security-relevant updates
The OpenSSL sources modified by Siemens were issued on 11th Sep 2018.
However, the OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack (using variations in the signing algorithm to recover the private key).
The above vulnerability, with reference number CVE-2018-0734, was announced on 30th Oct 2018.
It looks like there is a gap between the versions. But it cannot be confirmed whether there is an impact.
Regarding the above technical details, do you have any doubts?
Subject: VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage
VMXNET3 (VMXNET Generation 3) is a virtual network adapter designed to deliver high performance in virtual machines (VMs) running on the VMware vSphere platform.
How to enable it?
1. Power off your Virtual Appliance in the VMware Console.
2. Right-click the Virtual Appliance and go to Settings.
3. Select Network Adapter 1 and click Remove.
4. Click Add and choose Network Adapter.
5. Choose VMXNET3 under type.
The uninitialized stack memory vulnerability will be present if vmxnet3 is enabled.
In computing, an uninitialized variable is a variable that is declared but is not set to a definite known value before it is used. It will have some value, but not a predictable one. As such, it is a programming error and a common source of bugs in software.
CUJO is the most adorable home firewall on the market. If a threat is detected, the CUJO smart firewall tells the cloud what it has blocked so you can receive a notification on your mobile app to confirm it.
The CUJO product works with U-Boot.
U-Boot is the bootloader. It provides the basic infrastructure to bring up a board to a point where it can load a Linux kernel and start booting the operating system.
Vulnerabilities found on U-Boot (CVE-2018-18439, CVE-2018-18440)
CVE-2018-18439: U-Boot filesystem image load buffer overflow
CVE-2018-18440: U-Boot insufficient boundary checks in filesystem image load
Observation: No technical information has been provided by the vendor (CUJO AI) at the moment. We will keep our eyes open to see whether the vendor issues a remedy soon.