CyberNews: Top Vulnerabilities this week

The following vulnerabilities were reported this week:

CVE-2020-16898 — There’s an RCE in the Windows TCP/IP stack related to the handling of ICMPv6 Router Advertisements. More

CVE-2020-16898 Highlights

  • Do not disable IPv6 entirely unless you want to break Windows in interesting ways.
  • This can only be exploited from the local subnet.
  • But it may lead to remote code execution / BSOD
  • PoC exploit is easy, but actual RCE is hard.
  • Patch

Almost 800,000 internet-accessible SonicWall VPN appliances will need to be updated and patched for a major new vulnerability that was disclosed on Wednesday. 800,000 SonicWall VPNs are vulnerable to an RCE.

Discord Desktop app RCE

A few months ago, I discovered a remote code execution issue in the Discord desktop application and I reported it via their Bug Bounty Program.

The RCE I found was an interesting one because it is achieved by combining multiple bugs. In this article, I’d like to share the details. More

Multiple vulnerabilities have been discovered in #Magento CMS, the most severe of which could allow for arbitrary code execution. More

Ransomware Facts, Trends & Statistics for 2020

Abstract

The following facts, statistics, and trends will help you realize how imminent the ransom threat is to your business and personal life.

Some hackers even corrupt and delete a company’s files while they await the ransom payment, just to show that they’re serious. Regardless of the cyber criminal’s ultimate actions, the actual cost of ransomware goes beyond just the payout.

Read more in

https://www.safetydetectives.com/blog/ransomware-statistics/

CrimeOps: The Operational Art of Cyber Crime

As we all know, if cyber crime were a country it may be the world’s third-largest economy by 2021, and it is interesting to see how organised cyber crime is evolving. An article published last month explains how cyber crime is a big business and how cyber criminal groups are built out of HR, finance and project-management departments to get things done.

Good Read

CrimeOps: The Operational Art of Cyber Crime

Abstract

Their business… is crime! And every business needs business goals, so I wrote a mock FIN7 mission statement:

Our mission is to proactively leverage existing long-term, high-impact growth strategies so that we may deliver the kind of results on the bottom line that our investors expect and deserve.

How does FIN7 actualize this vision? This is CrimeOps:

  • Repeatable business process
  • CrimeBosses manage workers, projects, data and money.
  • CrimeBosses don’t manage technical innovation. They use incremental improvement to TTP to remain effective, but no more
  • Frontline workers don’t need to innovate (because the process is repeatable)

How does Qualys vulnerability scanning work?

Abstract

QualysGuard scanning methodology mainly focuses on the different steps that an attacker might follow in order to perform an attack. It tries to use exactly the same discovery and information gathering techniques that will be used by an attacker.

The whole scanning exercise is done in the following steps:

1. Checking if the remote host is alive – This detection is done by probing some well-known TCP and UDP ports.  By default, we probe TCP Ports 21-23, 25, 53, 80, 88, 110-111, 135, 139, 443, 445 and UDP Ports 53, 111, 135, 137, 161, 500.  This can be changed by editing the option profile.  If the scanner receives at least one reply from the remote host, it continues the scan.

2. Firewall detection – The second test is to check if the host is behind any firewalling/filtering device. This test enables the scanner to gather more information about the network infrastructure and will help during the scan of TCP and UDP ports.

3. TCP / UDP Port scanning – The third step is to detect all open TCP and UDP ports to determine which services are running on this host. The number of ports is configurable, but the default scan is approximately 1900 TCP ports and 180 UDP ports.

4. OS Detection – Once the TCP port scanning has been performed, the scanner tries to identify the operating system running on the host. This detection is based on sending specific TCP packets to open and closed ports.

5. TCP / UDP Service Discovery – Once TCP/UDP ports have been found open, the scanner tries to identify which service runs on each open port by using active discovery tests.

6. Vulnerability assessment based on the services detected – Once the scanner has identified the specific services running on each open TCP and UDP port, it performs the actual vulnerability assessment. The scanner first tries to check the version of the service in order to detect only vulnerabilities applicable to this specific service version. Every vulnerability detection is non-intrusive, meaning that the scanner never exploits a vulnerability if it could negatively affect the host in any way.
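The step-1 host-alive check above, modelled in Python as an added example (not Qualys code): it parses the option-profile port syntax quoted in step 1 and applies the rule "at least one reply means keep scanning", with the network probe injected as a callable so it runs offline. `fake_probe`, `host_is_alive` and the endpoint strings are constructed for this illustration.

```python
"""Model of the Qualys step-1 'is the host alive' pre-check.

Added example, not Qualys code: parses the option-profile port syntax and
applies the rule 'at least one reply => continue the scan', with the probe
injected as a callable so the logic runs offline.
"""
from typing import Callable, Iterable, Set, Tuple

# Default probe lists exactly as quoted in the article.
DEFAULT_TCP = "21-23, 25, 53, 80, 88, 110-111, 135, 139, 443, 445"
DEFAULT_UDP = "53, 111, 135, 137, 161, 500"

# (host, proto, port) -> True if the probe got any reply at all
Probe = Callable[[str, str, int], bool]


def parse_ports(spec: str) -> Set[int]:
    """Expand a '21-23, 25' style option-profile port spec into a set of ints."""
    ports: Set[int] = set()
    for item in spec.split(","):
        item = item.strip()
        if not item:
            continue
        lo, _, hi = item.partition("-")
        low, high = int(lo), (int(hi) if hi else int(lo))
        if not 1 <= low <= high <= 65535:
            raise ValueError(f"bad port range: {item!r}")
        ports.update(range(low, high + 1))
    return ports


def host_is_alive(host: str, probe: Probe, tcp_spec: str = DEFAULT_TCP,
                  udp_spec: str = DEFAULT_UDP) -> Tuple[bool, Set[str]]:
    """Return (alive?, endpoints that replied); a single reply is enough."""
    replies: Set[str] = set()
    for proto, spec in (("tcp", tcp_spec), ("udp", udp_spec)):
        for port in sorted(parse_ports(spec)):
            if probe(host, proto, port):
                replies.add(f"{proto}/{port}")
    return bool(replies), replies


def fake_probe(open_endpoints: Iterable[str]) -> Probe:
    """Constructed stand-in for a socket probe: replies only on the listed 'proto/port'."""
    opened = set(open_endpoints)
    return lambda host, proto, port: f"{proto}/{port}" in opened
```

A host that answers only on a port outside the default list (tcp/8443, say) is classed as dead and silently skipped by every later step, which is why the alive-probe list in the option profile has to be tuned to the environment rather than left at the default.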

Reference

https://qualys-secure.force.com/discussions/s/article/000006137

Security & Privacy: China watching: Indian President, PM, key Opposition leaders, Cabinet, CMs, Chief Justice of India…the list goes on

Abstract

Calling itself a pioneer in using big data for “hybrid warfare” and the “great rejuvenation of the Chinese nation,” a Shenzhen-based technology company with links to the Chinese government, and the Chinese Communist Party, is monitoring over 10,000 Indian individuals and organisations in its global database of “foreign targets,” an investigation by The Indian Express has revealed.

The range of targets in India identified and monitored in real time by Zhenhua Data Information Technology Co. Limited is sweeping — in both breadth and depth.

From President Ram Nath Kovind and Prime Minister Narendra Modi to Congress interim President Sonia Gandhi and their families; Chief Ministers Mamata Banerjee, Ashok Gehlot and Amarinder Singh to Uddhav Thackeray, Naveen Patnaik and Shivraj Singh Chouhan; Cabinet Ministers Rajnath Singh and Ravi Shankar Prasad to Nirmala Sitharaman, Smriti Irani, and Piyush Goyal; Chief of Defence Staff Bipin Singh Rawat to at least 15 former Chiefs of the Army, Navy and Air Force; Chief Justice of India Sharad Bobde and brother judge AM Khanwilkar to Lokpal Justice P C Ghose and Comptroller and Auditor General G C Murmu; start-up tech entrepreneurs like Nipun Mehra, founder of Bharat Pe (an Indian payment app), and Ajay Trehan of AuthBridge, an authentication technology firm, to top industrialists Ratan Tata and Gautam Adani.

Read more in

https://indianexpress.com/article/express-exclusive/china-watching-big-data-president-kovind-pm-narendra-modi-opposition-leaders-chief-justice-of-india-zhenhua-data-information-technology-6594861/