Cyber Security News 06 September 2019

Cyber Security News Update 06 SEPT 2019

CISA Warn of Hurricane Relief Scams – Mozilla Patches Firefox Web Browser Security Issues – Hackers Attack New Bedford, Mass with Ransomware

CISA Warn of Hurricane Relief Scams

https://www.us-cert.gov/ncas/current-activity/2019/09/04/potential-hurricane-dorian-cyber-scams
The US Cybersecurity and Infrastructure Security Agency (CISA) warns the public that scammers typically attempt to take advantage of disaster victims and the people who want to help them. Hurricane Dorian victims and potential donors should be aware that scammers may send phishing emails seeking credit card or banking information in fraudulent aid appeals, launch malware campaigns through emails with malicious attachments, or direct users to spoof donation websites. Hurricane Dorian victims and donors should use great care if they receive emails soliciting donations or asking them to view disaster related websites or documents. Any email link or attachment should be examined carefully and the sender vetted. Donors should always be cautious of social media, email, web, and texts pleas for help.

Mozilla Patches Firefox Web Browser to Address Security Issues

Mozilla released updates to its Firefox web browser to address cyber security vulnerabilities in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9. Users should update Firefox as some of the vulnerabilities are serious threats. Hackers could exploit some of these vulnerabilities to take control of a device.

Firefox users and system administrators should review the vulnerabilities and patch apps as soon as possible. According to Mozilla some of the vulnerabilities are:

CVE-2019-11751: Malicious code execution through command line parameters

This vulnerability only affects Firefox web browsers running on Windows operating systems.
This is a critical patch. If a user opens Firefox from another application such as a messaging app or document, this vulnerability can be used to write a log file to any arbitrary location on that machine. For example, if a hacker wrote to the Windows Startup folder, they could launch other executables the next time the machine is restarted.

CVE-2019-11753: Privilege escalation with Mozilla Maintenance Service in custom Firefox installation location

This is a high-priority patch that affects Windows machines only. When installing Firefox, the installer allows the user to choose a custom installation location. This is a vulnerability as it is unprotected from hackers, non-admin users, and malware. Hacker altered maintenance services can run with escalated privileges during a subsequent security update.

CVE-2019-11749: Camera information available without prompting using getUserMedia

This is a lower severity security patch in which malicious web content can get at a user’s webcam without triggering a user prompt or notification. The vulnerability allows for fingerprinting of users.

Ransomware Attacks New Bedford, Massachusetts

Hackers demanded $5.3 million payable in Bitcoin in another ransomware attack that locked up the city of New Bedford, Massachusetts IT system. The city’s mayor stated that the attack affected four percent of New Bedford’s computers. The city tried to negotiate for $400,000 ransom which the hackers rejected. Ultimately, the city chose to decrypt servers themselves. It is believed that this is a Ryuk ransomware attack in which hackers manually delete backups and reset snapshots before launching the attack.