Serious Cisco Bug, Android Spyware, and a Push for Local Cybersecurity Support

Your Weekly Cybersecurity News Roundup

For those of you viewing this post from the United States we’d like to wish you a very happy Fourth of July! We hope you and your families stay safe and have fun (as much fun as possible, that is) this holiday weekend.

Another month is in the books for all of us in the tumultuous year of 2020. The end of another month (and week) signals the need for another cybersecurity news roundup titled “Byte Sized News,”  brought to you by us at PlexTrac. This week was yet another busy one for the cybersecurity industry! There are many interesting stories, new developments, and enormous breaches in the industry that are sure to both entertain and inform our readers. As always, this series isn’t intended to provide readers with details on every story and topic, but rather to fill busy professionals in on the most compelling developments in the field.

Learn more about PlexTrac and the platform we provide to security professionals here.

Without further ado, let’s get to this week’s top news stories!

Cisco Warns of High-Severity Bug in Small Business Switch Lineup

Our first story from the week comes from Threatpost. This article focuses on Cisco, who recently warned of a high-severity flaw found, affecting more than half a dozen of its small business switches. This flaw could allow remote, unauthenticated attackers to access the switches’ management interfaces with administrative privileges. The specific areas affected include Series Smart Switches, Series Managed Switches, and Series Stackable Managed Switches. Cisco did mention that there were no known active exploitations of these vulnerabilities. Additionally, software updates are available on some of these switches that remedy the flaws.

(Read the full article from Threatpost here.)

New Android Spyware Tools Emerge in Widespread Surveillance Campaign

The next article we want to highlight this week also comes from Threatpost. This article talks about never-before-seen Android spyware tools that have been used in a widespread APT campaign to spy on the Uyghur ethnic minority group since 2013. These spyware tools were dubbed SilkBean, GoldenEagle and CarbonSteel, and one previously disclosed tool, DoubleAgent. The purpose of these tools is to gather and exfiltrate personal user data to attacker-operated command-and-control (C2) servers. “Many samples of these malware tools were trojanized legitimate apps, i.e., the malware maintained complete functionality of the applications they were impersonating in addition to its hidden malicious capabilities,” said Lookout security researchers Apurva Kumar, Christoph Hebeisen and Kristin Del Rosso.

(Read the full article from Threatpost here.)

A New Bipartisan Bill Could Bring Back the White House Cyber Director Role

Our next article from the week comes from  CSO Online. This article details a new bill proposed by the Cyberspace Solarium Commission leaders in the US House of Representatives. This bill, called the National Cyber Director Act, looks to create the position of a national cyber director within the White House. The Cyberspace Solarium Commission leaders released its report, which was the product of months-long deliberations by four members of congress, four senior executive agency leaders and six experts from outside government — just as the coronavirus pandemic kicked in during March. These discussions brought about 80 recommendations, including the action to create the cyber director role, which are quickly being turned into actionable legislation on Capital Hill.

(Read the full article from CSO Online here.)

Microsoft Issues Critical Fixes for Booby-Trapped Images

The next story from the week comes from Naked Security. This article details a new emergency patch put out by Microsoft for two critical holes in the Windows Codecs Library. We all know what Windows is, but codec, short for encoder-decoder short for  is cybersecurity jargon for a type of software that takes data — usually raw data that represents pixels in a video or sound in audio — and reworks it so it may be easily sent and received. There were flaws in Microsoft’s Codecs Library that, if exploited, could allow an attacker to execute arbitrary code or allow a bad actor to obtain information that would further compromise the user’s system. Microsoft pushed an update to their Windows 10 operating system and Windows Server to plug these dangerous vulnerability holes. Affected customers do not need to take any special action to receive the update, as it will be automatically installed by Microsoft Store.

(Read the full article from Naked Security here.)

Senators Push for Local Cybersecurity Support in Defense Bill

Our last headline of the week comes from the Wall Street Journal. This article details the push by senate lawmakers that are trying to fortify state and local cybersecurity through amendments to the annual defense budget as it is debated on the chamber floor next week. A bipartisan group of senators are pushing for the annual National Defense Authorization Act to establish state-level cybersecurity coordinators within the Department of Homeland Security and to formally extend the National Guard’s role in aiding local governments in combating cyber threats. “States and local governments need additional support as they face upticks in threats” Sen. Maggie Hassan (D., N.H.) said. She pointed to ransomware attacks against computer networks used by Strafford County in eastern New Hampshire and the Sunapee School District in the western part of the state as a real-world example.

(Read the full article from the WSJ here.)

Check Out Our Latest Posts