cyber_security_smb_design_vulnerability_badlock.png

This week saw a critical patch notification that will be out in 3 weeks affecting Samba and Microsoft Windows. It was also a week packed with ransomware hitting hospitals, and the news of Home Depot having to pay $19M in compensation to its breached customers.

Highlighting the cyber-security news from the past week in a 120 sec. read. Starting now.

 


Vulnerabilities

SerNet, the conjoined Microsoft and Samba Team, has issued a critical security update for the SMB/CIFS networking protocol, scheduled for April 12th, 2016, that apparently affects nearly all versions of Windows and Samba.

why is this signficant?



  • This critical flaw that both Samba & Microsoft look to share is termed "Badlock". Given its name this vulnerability is suspected to be related to the client-lock handling mechanism. If true, will this give rise to a new ransomware?
  • Due to the fact that the flaw affects both, may indicate that it could most likely be a protocol design vulnerability.

Read the full story on ITWorld 

/** Read more on design flaws and their ramifications in this research report - Vulnerable by Design: why destructive exploits keep on coming **/

 

Ransomware

3 U.S. hospitals reported this week that ransomware hit data systems, at Kentucky Methodist Hospital, Chino Valley Medical Center and Desert Valley Hospital, California.

why is this signficant?

  • When the Kentucky Methodist Hospital was hit they called an ‘Internal State of Emergency’ they responded just as they would in a tornado.
  • It seems as though ransomware attackers are preying on simple exploits and being opportunists when it comes to targeting hospitals.  If this trend continues, the downtime will take a toll on healthcare as we know it today.  On the same note, the attackers' demand will start increasing and the value of the stolen patient credentials will increase the sophistication of the ransomware and how it is dispersed.

Read the full story on Krebs On Security

Cost of a Breach

After Home Depot's 2014 data breach, the court concluded Home Depot must compensate the affected customers by paying them at least $19M.

why is this signficant?

  • Apparently, Home Depot had ignored security warnings that their anti-virus had not been updated in 7 years.  This made Home Depot a perfect candidate for the BlackPOS (point-of-sale) malware that sent customer payment information to the threat actors every time a payment card was swiped at the register. Now, Home Depot must add an information security chief to its staff to improve data security moving forward.
  • Home Depot's 2014 breach compromised 56 million customer's payment data and Home Depot apparently "is not admitting to any wrongdoing and is not accepting any liability moving forward".

Read the full story on The Register