Articles of interest from the week of August 19, 2024

Critical Security Lapse: National Public Data Published Its Own Passwords, Putting Millions at Risk

New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker that shares access to the same consumer records inadvertently published the passwords to its back-end database in a file that was freely available from its homepage until Monday. (KrebsOnSecurity)

“Let us, for the moment, suspend the commentary and get to the important part: Prioritize freezing your credit with Equifax, Experian, and TransUnion as soon as possible. Not only can it be done in a relatively short time with little effort on your part (seriously, just follow the links above), unfreezing when you actually need it, likewise can be a quick process; When completed online or by phone your request will be fulfilled within one hour of confirmation. Additionally, you can also freeze your National Consumer Telecom & Utilities Exchange and ChexSystems reports, which will provide an additional layer of protection related to things like utilities and financial accounts not normally tied with the credit bureaus. These are often overlooked but can be invaluable safeguards.” – Jessica Owens, Senior SOC Analyst at Ingalls Information Security

Zero-Click Windows TCP/IP RCE Impacts All Systems With IPv6 Enabled, Patch Now

Microsoft warned customers recently to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems using IPv6, which is enabled by default. (BleepingComputer)

Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities

Intel and AMD have each informed customers about dozens of vulnerabilities found and patched in their products. Intel has published 43 new advisories that cover a total of roughly 70 security holes. Nine advisories describe high-severity vulnerabilities. (SecurityWeek)

UN Approves Cybercrime Treaty Despite Major Tech, Privacy Concerns

A United Nations committee has advanced the final draft of a treaty intended to combat cross-border cybercriminal organizations, but opponents warn that it contains few safeguards for human rights and could be used by repressive governments to prosecute journalists, cybersecurity researchers, and protesters. (Dark Reading)

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains

Software giant Microsoft used the spotlight of the Black Hat security conference to document multiple vulnerabilities in OpenVPN and warned that skilled hackers could create exploit chains for remote code execution attacks. (SecurityWeek)

How Phishing Attacks Adapt Quickly to Capitalize on Current Events

Phishing is surging. See why and how it’s exploiting current events, like CrowdStrike's BSOD and; the Olympics. (The Hacker News)

New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous

A team of researchers from the Graz University of Technology in Austria has published a paper on SLUBStick, a new Linux kernel exploitation technique that can make heap vulnerabilities more dangerous. (SecurityWeek)

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure

Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors. (The Hacker News)

'0.0.0.0 Day' Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk

Attackers can use a flaw that exploits the 0.0.0.0 IP address to remotely execute code on various Web browsers — Chrome, Safari, Firefox, and others — putting users at risk for data theft, malware, and other malicious activity, (Dark Reading)

Channel File 291 Incident: Root Cause Analysis is Available

Read the findings, mitigations, and technical details of the Channel File 291 incident. (CrowdStrike Blog)