Preface: “Old wine in new bottles”! The cyber security world sees this kind of thing all the time.
About SS7 design weakness:
Business impact: A U.K. bank says no customers lost money after cyber attackers attempted account takeovers by rerouting one-time passcodes, Motherboard reports. The National Cyber Security Centre (NCSC) has also confirmed this. Such attacks involve tampering with Signaling System #7, the protocol used to route mobile phone calls worldwide.
Security advice: A one-time passcode may be sent over SMS, but the safer way is to use an authenticator app, such as Authy, Cisco’s Duo or Google Authenticator, to generate the code.
Preface: The Marvell 88W8897A SoC (System on a Chip) is the industry’s first 802.11ac chip to combine Bluetooth 4.2, mobile MIMO (Multi-input Multi-output), transmit beamforming, and built-in support for all screen projection technologies.
Technology Background: Computer design focuses primarily on memory usage, and SoC (System on a Chip) design is no exception.
Vulnerability found: During Wi-Fi network scans, an overflow condition can be triggered, overwriting certain block pool data structures.
Exploitation of vulnerability: An attacker can exploit the ThreadX block pool overflow vulnerability to intercept network traffic or achieve code execution on the host system.
Remedy: Marvell encourages customers to contact their Marvell representative for additional support.
Remark: This vulnerability made headline news in mid-January 2019. However, we could not find any positive response announced by the vendor.
Preface: Cyber security experts predict that global DNS hijacking activities are underway. However, it is not certain who the attacker (the cyber attack group) is, FireEye said on January 9, 2019.
Background information: This cybersecurity incident caught the attention of the Network Security and Infrastructure Security Agency (CISA). As a result, CISA released its first emergency order on January 22, 2019. They urge the world to understand the current situation (the global DNS hijacking campaign). At the same time, they released a mitigation solution for DNS systems. For more details, please see: https://cyber.dhs.gov/blog/#why-cisa-issued-our-first-emergency-directive
My observation: While DNS software is specially designed to fulfill one specific role, applications like Bind are incredibly flexible and can be used as hybrid solutions. However, there are plenty of vulnerabilities (high severity of risk) found in the Bind system software. Please refer to the following URL for reference:
Is it a careless mistake? It is hard to tell. From a technical point of view, it is easy for BlackRock to figure out the problem through their spreadsheet management system.
Prediction: What if no related suspicious activity is found in the spreadsheet management system and security incident event management? What is the next step? Dark web research may turn up some hints. If the final confirmation is user negligence, then in a nutshell, user negligence shows the design weakness of the awareness training program.