Twitter Discloses Suspected State-Sponsored Attack After Minor Data Breach


Twitter has been hit with a minor data breach incident that the social networking site believes is linked to a suspected state-sponsored attack.

In a blog post published on Monday, Twitter revealed that while investigating a vulnerability affecting one of its support forms, the company discovered evidence of the bug being misused to access and steal users’ exposed information.

The impacted support form in question was used by account holders to contact Twitter about issues with their account.

Discovered in mid-November, the support form API bug exposed a limited amount of personal information, including the country code of the phone number associated with a user’s Twitter account, and “whether or not their account had been locked.”

So far, the company has declined to provide further details about the incident or an estimate of the number of accounts potentially impacted, but says it believes the attack may have ties to state-sponsored actors.

images from Hacker News

Mayday! NASA Warns Employees of Personal Information Breach


Another day, another data breach. This time it’s the United States National Aeronautics and Space Administration (NASA).

NASA today confirmed a data breach that may have compromised personal information of some of its current and former employees after at least one of the agency’s servers was hacked.

In an internal memo sent to all employees on Tuesday, NASA said the unknown hackers managed to gain access to one of its servers storing the personally identifiable information (PII), including social security numbers, of current and former employees.

The agency said it discovered the breach on October 23, when its cybersecurity personnel began investigating a possible breach of two of its servers holding employee records.

images from Hacker News

Adobe’s Year-End Update Patches 87 Flaws in Acrobat Software


Adobe is closing out the year with its December Patch Tuesday update, addressing a massive number of security vulnerabilities in just its two PDF apps—more than double the number Microsoft patched this month across its many products.

Adobe today released patches for 87 vulnerabilities affecting its Acrobat and Reader software products for both macOS and Windows operating systems, of which 39 are rated as critical and 48 important in severity.

The security update comes less than a week after Adobe released patches for a critical zero-day vulnerability (CVE-2018-15982) in Flash Player that was being actively exploited in a targeted attack against a Russian state health care institution.

The critical vulnerabilities addressed today in Acrobat and Reader include three heap-overflow bugs, five out-of-bounds write flaws, two untrusted pointer dereference issues, two buffer errors, and 24 use-after-free bugs.

Upon successful exploitation, all of the above critical vulnerabilities would allow an attacker to execute arbitrary code on compromised computers.

The remaining three critical-rated issues addressed this month are all security bypass flaws which, if exploited, would lead to privilege escalation.

In addition to the critical bugs, Adobe patched 48 ‘important’ security flaws in Acrobat and Reader, 43 of which are out-of-bounds read issues, four are integer overflow flaws, and two are security bypass issues—all of which could lead to information disclosure.

According to the company’s support website, vulnerabilities rated as important, “if exploited would compromise data security, potentially allowing access to confidential data, or could compromise processing resources in a user’s computer.”

images from Hacker News

Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack


Microsoft today, on its year-end December Patch Tuesday, released security updates to patch a total of 39 vulnerabilities in its Windows operating systems and applications—10 of which are rated critical and the rest important in severity.

One of the security vulnerabilities patched by the tech giant this month is listed as publicly known at the time of release, and one is a zero-day reported as being actively exploited in the wild by multiple hacking groups, including FruityArmor and SandCat APTs.

Discovered and reported by security researchers at Kaspersky, the zero-day attack exploits an elevation-of-privilege (EoP) bug in the Windows Kernel (ntoskrnl.exe) that could allow malicious programs to execute arbitrary code with higher privileges on the targeted systems.

The vulnerability, tracked as CVE-2018-8611 and classified as important in severity, resides in the Kernel Transaction Manager and is caused by improper processing of transacted file operations in kernel mode.

The flaw affects almost all versions of the Windows operating system, from Windows 7 through Server 2019.

images from Hacker News

phpMyAdmin Releases Critical Software Update — Patch Your Sites Now!


Developers of phpMyAdmin, one of the most popular and widely used MySQL database management tools, today released version 4.8.4 of the software to patch several important vulnerabilities that could eventually allow remote attackers to take control of affected web servers.

The phpMyAdmin project last Sunday gave an early heads-up about the latest security update through its blog, probably for the first time, as an experiment to see whether pre-announcements help website admins, hosting providers and package maintainers better prepare for a security release.

“We are inspired by the workflow of other projects (such as Mediawiki and others) which often announce any security release in advance to allow package maintainers and hosting providers to prepare. We are experimenting to see if such a workflow is suitable for our project,” phpMyAdmin release manager Isaac Bennetch told The Hacker News.

phpMyAdmin is a free, open-source administration tool for managing MySQL databases through a simple graphical interface in a web browser.

Almost every web hosting service pre-installs phpMyAdmin with their control panels to help webmasters easily manage their databases for websites, including WordPress, Joomla, and many other content management platforms.

Besides many bug fixes, the release addresses three critical security vulnerabilities affecting phpMyAdmin versions before 4.8.4, the project said in its latest advisory.

images from Hacker News