
Cybersecurity Weekly: Trend Micro, Firefox flaw and Amazon Ring Video doorbell

 


Nov 13, 2019

Breaches

  • A Trend Micro employee stole customer data and sold it to criminals, who used the information to run a support-call phone scam. The breach affected 68,000 customers.
  • The City of Ocala in Florida fell victim to a business email compromise (BEC) scam that ended with over $742,000 being redirected to a bank account controlled by the fraudster(s). The swindle involved a phishing email impersonating an employee of a construction company the city is using to build a new terminal at the Ocala International Airport.
  • A Utah eye clinic began notifying about 20,000 patients last week about a June 2018 breach involving a third-party appointment reminder portal vendor. Many of the affected individuals had been targeted last year by an email scam tied to the breach.

Vulnerabilities

  • A flaw in Firefox is being actively exploited to freeze the browser. The freeze occurs after a pop-up message tells users they are running a pirated version of Windows and that it has been hacked. The message appears without user interaction when users visit sites that have been seeded with the malicious code. Users have to force-close the browser.
  • Two bugs have been identified in the network configuration utility rConfig, both allowing remote code execution on affected systems. Worse, one is rated critical and allows a user to attack a system remotely, sans authentication.
  • US-CERT Vulnerability Summary for the week of November 4, 2019.

Patches & Updates

  • Amazon has fixed a vulnerability in its Internet-connected Ring Video Doorbell Pro that could be exploited to sniff the WiFi credentials for the home network. The device and its associated app communicate via HTTP rather than HTTPS. A fix has been pushed out to all devices.
  • Cisco has released firmware updates to fix several security issues affecting its RV320 and RV325 Dual Gigabit WAN VPN Routers. Cisco describes the issues as “static certificates and keys, hardcoded password hashes, and multiple vulnerabilities in third-party software components.”
  • Nvidia has issued fixes for high-severity flaws in two popular gaming products: its graphics driver for Windows and GeForce Experience. The flaws can be exploited to launch an array of malicious attacks, from denial-of-service (DoS) efforts to escalation of privileges.
