News – Page 2 – BU-CERT

Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices

Posted on 30 January 2023

From thehackernews.com

Researchers are warning about a spike in exploitation attempts weaponizing a critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022.

According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as of December 2022, with 97% of the attacks occurring in the past four months.

Close to 50% of the attacks originated from the U.S. (48.3%), followed by Vietnam (17.8%), Russia (14.6%), The Netherlands (7.4%), France (6.4%), Germany (2.3%0, and Luxembourg (1.6%).

What’s more, 95% of the attacks leveraging the security shortcoming that emanated from Russia singled out organizations in Australia.

Economic headwinds could deepen the cybersecurity skills shortage

Posted on 30 January 2023

From csoonline.com

According to the most recent research report from ESG and the Information System Security Association International (ISSA), 57% of organizations claim that they’ve been impacted by the global cybersecurity skills shortage, while 44% of organizations believe the skills shortage has gotten worse over the past few years. The result? Increasing workloads on existing cybersecurity staff, job requisitions open for weeks or months, and high burnout rates and attrition for cybersecurity professionals. (ESG and ISSA will update and present their latest research at this year’s RSA conference.)

Labyrinth of 371 legacy systems hindered hospital’s IT meltdown recovery

Posted on 30 January 2023

From theregister.com

Last summer’s datacenter outage at one of the UK’s largest hospitals took two months to completely rectify because of the complexity associated with 371 legacy IT systems, a new report has found.

Guy’s and St Thomas’ NHS Foundation Trust suffered an IT outage at the peak of last summer’s heatwave, when temperatures hit 40°C (104°F), causing two linked datacenters to fail simultaneously. Each had been designed as backup for the other.

The failure resulted in most of the clinical IT systems at the trust’s London hospitals and related community services becoming unavailable to users, forcing staff to employ a paper-based system to keep records and find information.

The trust incurred £1.4 million ($1.7 million) in out-of-plan spending on technology services to respond to the incident. This included a cloud-hosted environment to provide resilience for data backups and a third-party specialist recovery service to image and extract data from the corrupted disks damaged during the datacenter failure.

20 Million Downloads In Shady Rewards Apps Via Google Play

Posted on 30 January 2023

From informationsecuritybuzz.com

A new class of activity-tracking apps that have recently had significant success on Google Play, the official software store for Android, has been downloaded onto more than 20 million devices. The apps present themselves as a pedometer, fitness, and habit-building tools, promising to award users randomly for maintaining an active lifestyle, achieving distance targets, etc.

But, according to a report by the Dr. Web antivirus, the prizes could be difficult to redeem or are only partially made accessible after requiring users to watch a lot of advertising.

Mounting pressure is creating a ticking time bomb for railway cybersecurity

Posted on 30 January 2023

From helpnetsecurity.com

The expansion of potential cyber threats has increased due to the integration of connected devices, the Internet of Things (IoT), and the convergence of IT and OT in railway operations.

In this Help Net Security interview, Dimitri van Zantvliet is the Cybersecurity Director/CISO of Dutch Railways, and co-chair to the Dutch and European Rail ISAC, talks about cyber attacks on railway systems, build a practical cybersecurity approach, as well as cyber legislation.

The railroad industry is going through a significant shift. Whenever a connected device is added, an attacker has a new opportunity to exploit it. How has your job evolved with increasing digital transformation?

At the Dutch Railways (but this goes for our entire sector), our cyber jobs have evolved to focus more heavily on cybersecurity in the face of increased digital transformation, -threat landscape, and -cyber legislation. With the integration of connected devices, the IoT and IT-OT convergence throughout our operations, the attack surface for potential cyber threats has greatly expanded.

PhoneSploit-Pro: remotely exploit Android devices using ADB and Metasploit-Framework

Posted on 30 January 2023

From securityonline.info

An All-In-One hacking tool is written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework.

Gee, tanks: Russian hackers DDoS Germany for aiding Ukraine

Posted on 30 January 2023

From theregister.com

Russian hackers have proved yet again how quickly cyber attacks can be used to respond to global events with a series of DDoS attacks on German infrastructure and government websites in response to the country’s plan to send tanks to Ukraine.

The efforts, according to Germany’s cyber security agency, the BSI, were largely in vain. “Currently, some websites are not accessible. There are currently no indications of direct effects on the respective services and, according to the BSI’s assessment, these are not to be expected,” the BSI declared.

Germany announced the transfer of 14 Leopard 2 A6 tanks to Ukraine on Wednesday, jointly with the US saying it would send 31 M1 Abrams tanks to the besieged nation. Germany reportedly refused to send tanks without the US making a similar offer, in hopes that might head off a Russian response.