Are you ready for IoT Patching?
Tech firm Hanwha Techwin is racing to fix 13 critical security holes found in its popular line of SmartCam security cameras. The patch rollout is part of public disclosure of the vulnerabilities set for today by researchers who discovered the bugs.
Flaws range from the use of an insecure HTTP communications protocol to weak credentials that could allow an attacker to take control of the camera or even use the device as a springboard to launch attacks within a connected network. The most serious flaws opens an attack vector where an adversary can root the camera and spoof the DNS server addresses specified in the camera’s settings, which could then be used as a launch pad to conduct additional attacks on devices sharing the same local network.
“The problem with current IoT device security is that everyone thinks there is no need to secure IoT devices such as security cameras, secure door locks because they are not traditionally used as access points for breaching company networks. You need to know which IoT devices you have in your network, so you need to start with a security toolset which can tell you (full article here).”
Malware found at 160 Applebee’s Restaurants across North America
RMH Franchise Holdings, which owns and operates more than 160 Applebee’s stores across the U.S., said that it recently discovered malware infecting its point of sale systems (POS). The malware may have enabled hackers to steal certain guests’ names, credit or debit card numbers, expiration dates and card verification codes processed during limited time periods. Upon learning of a potential incident,
RMH told Threatpost it promptly launched an investigation, obtained the help of leading cyber security forensics firms, and reported the matter to law enforcement. RMH said it operates its point-of-sale systems isolated from the broader Applebee’s network, and this notice applies only to RMH-owned Applebee’s restaurants. In a statement, RMH urged customers to monitor their bankcard statements (full article here).
Robert Brown, Director of Services for Verismic said, “Most viruses and malware exploit environments which do not implement a robust patching process rather than a lack of virus protection. It is always easier to prevent an attack than to clean up after a serious outbreak.”
Alexa, what’s so funny?
Amazon acknowledged on Wednesday that some of its Alexa-enabled devices have developed a new skill: creeping out their owners with unexpected and unwarranted bursts of robotic laughter.
“We’re aware of this and working to fix it,” Amazon said.
People began reporting the problem with their “smart” speakers on social media in recent weeks. After the publication of this article, Amazon announced a fix and apparent explanation for the ghostly laughter. The company suggested in an email that the laughs had occurred “in rare circumstances” because the speaker was picking up a “false positive” for the command “Alexa, laugh.”
Find out how many of these devices you have in your network by starting a trial of Syxsense.
[vc_empty_space][vc_separator][vc_empty_space]
Patch Tuesday Release
Microsoft addressed 74 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft SharePoint, Microsoft Exchange, Microsoft Office, and Microsoft ASP.NET. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service condition.
We have chosen a few updates to prioritize this month, this recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.
| CVE ID | Alert Description | CVSS Score | Recommended |
| CVE-2018-0808 | Microsoft ASP.NET Core Denial of Service Vulnerability | 7.5 | Yes |
| CVE-2018-0875 | Microsoft ASP.NET Core Denial of Service Vulnerability | 7.5 | Yes |
| CVE-2018-0889 | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0891 | Microsoft Edge and Internet Explorer Information Disclosure Vulnerability | 7.5 | Yes |
| CVE-2018-0903 | Microsoft Access Arbitrary Code Execution Vulnerability | 7.5 | Yes |
| CVE-2018-0935 | Microsoft Internet Explorer Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0868 | Microsoft Windows Installer Privilege Escalation Vulnerability | 7.4 | Yes |
| CVE-2018-0888 | Microsoft Windows Hyper-V Information Disclosure Vulnerability | 7.2 | Yes |
| CVE-2018-0886 | Microsoft Windows Arbitrary Code Execution Vulnerability | 7.1 | Yes |
| CVE-2018-0815 | Microsoft Windows Graphics Privilege Escalation Vulnerability | 7 | Yes |
| CVE-2018-0816 | Microsoft Windows Graphics Privilege Escalation Vulnerability | 7 | Yes |
| CVE-2018-0817 | Microsoft Windows Graphics Privilege Escalation Vulnerability | 7 | Yes |
| CVE-2018-0877 | Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability | 7 | Yes |
| CVE-2018-0880 | Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability | 7 | Yes |
| CVE-2018-0881 | Microsoft Windows Video Control Privilege Escalation Vulnerability | 7 | Yes |
| CVE-2018-0882 | Microsoft Windows Desktop Bridge Privilege Escalation Vulnerability | 7 | Yes |
| CVE-2018-0977 | Microsoft Windows Win32k Privilege Escalation Vulnerability | 7 | Yes |
| CVE-2018-0983 | Microsoft Windows Storage Services Privilege Escalation Vulnerability | 7 | Yes |
| CVE-2018-0885 | Microsoft Windows Hyper-V Denial of Service Vulnerability | 5.8 | |
| CVE-2018-0811 | Microsoft Windows Kernel Information Disclosure Vulnerability | 5.5 | |
| CVE-2018-0813 | Microsoft Windows Kernel Information Disclosure Vulnerability | 5.5 | |
| CVE-2018-0814 | Microsoft Windows Kernel Information Disclosure Vulnerability | 5.5 | |
| CVE-2018-0919 | Microsoft Office Information Disclosure Vulnerability | 5.5 | |
| CVE-2018-0926 | Microsoft Windows Kernel Information Disclosure Vulnerability | 5.5 | |
| CVE-2018-0787 | Microsoft ASP.NET Core Privilege Escalation Vulnerability | 5.4 | |
| CVE-2018-0909 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0910 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0911 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0912 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0913 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0914 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0915 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0916 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0917 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0921 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0923 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0940 | Microsoft Exchange Security Bypass Vulnerability | 5.4 | |
| CVE-2018-0944 | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0947 | Microsoft SharePoint Privilege Escalation Vulnerability | 5.4 | |
| CVE-2018-0884 | Microsoft Windows Security Feature Bypass Vulnerability | 5.3 | |
| CVE-2018-0902 | Microsoft Windows Kernel Driver Security Feature Bypass Vulnerability | 5.3 | |
| CVE-2018-0883 | Microsoft Windows Shell Arbitrary Code Execution Vulnerability | 5 | |
| CVE-2018-0894 | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0895 | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0896 | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0897 | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0898 | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0899 | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0900 | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0901 | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0904 | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0907 | Microsoft Office Excel Security Bypass Vulnerability | 4.4 | |
| CVE-2018-0879 | Microsoft Edge Information Disclosure Vulnerability | 4.3 | |
| CVE-2018-0927 | Microsoft Edge and Internet Explorer Information Disclosure Vulnerability | 4.3 | |
| CVE-2018-0929 | Microsoft Internet Explorer Information Disclosure Vulnerability | 4.3 | |
| CVE-2018-0932 | Microsoft Internet Explorer Information Disclosure Vulnerability | 4.3 | |
| CVE-2018-0939 | Microsoft Edge Information Disclosure Vulnerability | 4.3 | |
| CVE-2018-0941 | Microsoft Exchange Information Disclosure Vulnerability | 4.3 | |
| CVE-2018-0872 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0873 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0874 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0876 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0893 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0922 | Microsoft Office Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0925 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0930 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0931 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0933 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0934 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0936 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0937 | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0878 | Microsoft Windows Remote Assistance Information Disclosure Vulnerability | 3.1 | |
| CVE-2018-0924 | Microsoft Exchange Information Disclosure Vulnerability | 3.1 | |
| CVE-2018-0942 | Microsoft Internet Explorer Security Bypass Vulnerability | 3 |
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.
