Latest News Articles


########################################################
#### CSIRT-IE End of Week Report ####
########################################################

Date   : Friday 07-06-2019 10:00 ; Friday 14-06-2019 10:00

=====================================
= News =
=====================================

− Russia accused of hacking EU embassy in Moscow
Russia is believed to have hacked the European Union's embassy in Moscow
in a sophisticated cyberespionage attack designed to steal highly sensitive
material from the mission’s internal network just weeks before the 
European Parliament elections. The initial attack took place in February
2017, but wasn’t detected until April of this year.

https://www.scmagazine.com/home/security-news/apts-cyberespionage/russia-is-believed-to-have-hacked-the-europian-unions-embassy-in-moscow-in-a-sophisticated-cyber-espionage-attack-to-steal-highly-sensitive-material


− Huawei Denies Being Bound by Chinese Spy Laws
Huawei's cyber security chief told the UK parliament Monday that the 
Chinese telecoms giant has been advised it was under no....

https://www.securityweek.com/huawei-denies-being-bound-chinese-spy-laws


− KPMG to probe into the Cyber Attack of FAI
A cyber arm of KPMG has been asked to probe the cyber attack on the 
sports body. It should be noted that the cyber attack on FAI occurred 
when the football governing body was going through a financial crisis. 
Coincidentally the incident occurred when Ireland....

https://www.cybersecurity-insiders.com/kpmg-to-probe-into-the-cyber-attack-of-fai


− Aircraft parts manufacturer Asco hit by a ransomware attack
The company, which operates from Zaventem, Belgium, said that the IT 
disruption led to operations being shut down at its plant, leaving 1000 
of its 1400 workers jobless. An initial probe into the ransomware attack
said that Asco decided to shut down its plant for only a couple of days.

https://www.cybersecurity-insiders.com/aircraft-parts-manufacturer-asco-hit-by-a-ransomware-attack


− BGP event sends European mobile traffic through China Telecom for 2 
hours

https://news.hitb.org/content/bgp-event-sends-european-mobile-traffic-through-china-telecom-2-hours


− U.S. Customs say traveler images exposed in cyberattack
The U.S. Customs and Border Protection service says images of travellers
-- which it presumably collected at points of entry -- have been exposed
in a malicious cyberattack. The federal agency said Monday that license 
plate images were also exposed in an attack that compromised a 
subcontractor's computer network.

https://www.ctvnews.ca/world/u-s-customs-say-traveler-images-exposed-in-cyberattack-1.4460252


− Telegram gets hit by major distributed denial of service (DDoS) attack
Telegram CEO says the reason behind the unrest in Hong Kong is because 
of a cyber attack initiated from China. Encrypted messaging service 
Telegram suffered a major cyber-attack that appeared to originate from 
China, the company's CEO said Thursday, linking it to the ongoing 
political unrest in Hong Kong.

https://www.firstpost.com/tech/news-analysis/telegram-gets-hit-by-major-distributed-denial-of-service-ddos-attack-6811841.html

=====================================
= Vulnerabilities =
=====================================

− Exim Releases Security Patches
Original release date: June 13, 2019. Exim has released patches to 
address a vulnerability affecting Exim versions 4.87–4.91. A remote 
attacker could exploit this vulnerability to take control of an affected
email server. This vulnerability was detected in exploits in the wild. 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages 
users and administrators to review the Exim CVE-2019-10149 page and 
either upgrade to Exim 4.92 or apply the necessary patches.

https://www.us-cert.gov/ncas/current-activity/2019/06/13/Exim-Releases-Security-Patches


− GoldBrute Botnet Brute-Force Attacking RDP Servers
A new piece of malware is targeting Windows servers with the remote 
desktop protocol (RDP) exposed to the Internet with the intent to 
ensnare them into a massive botnet, SANS ISC warns.

https://www.securityweek.com/goldbrute-botnet-brute-force-attacking-rdp-servers


− Adobe Releases Security Updates
Original release date: June 11, 2019. Adobe has released security updates
to address vulnerabilities affecting ColdFusion, Adobe Campaign, and 
Adobe Flash Player. An attacker could exploit some of these vulnerabilities
to take control of an affected system. The Cybersecurity and Infrastructure
Security Agency (CISA) encourages users and administrators to review 
Adobe Security Bulletins APSB19-27, APSB19-28, and APSB19-30 and apply
the necessary updates.

https://www.us-cert.gov/ncas/current-activity/2019/06/11/Adobe-Releases-Security-Updates


− Microsoft Windows up to Server 2019 denial of service [CVE-2019-1025]
A vulnerability classified as critical has been found in Microsoft 
Windows (Operating System). This affects an unknown code block. The 
manipulation with an unknown input leads to a denial of service 
vulnerability. CWE is classifying the issue as CWE-404. This is going 
to have an impact on availability.

https://vuldb.com/?id.136323


− Cisco Releases Security Update for Cisco IOS XE
Original release date: June 12, 2019. Cisco has released a security 
update to address a vulnerability in Cisco IOS XE.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190612-iosxe-csrf


=====================================
= Community News =
=====================================

− Facebook to Cut off Huawei to Comply With U.S. Sanctions
Facebook said Friday it would cut off Huawei from its popular social 
networking apps to comply with US sanctions, further isolating the 
Chinese tech giant considered a national security threat by Washington. 

https://www.securityweek.com/facebook-cut-huawei-comply-us-sanctions


− VLC 3.0.7 is Biggest Security Release Due to EU Bounty Program

https://news.hitb.org/content/vlc-307-biggest-security-release-due-eu-bounty-program

− Microsoft Releases Sysmon 10 With DNS Query Logging Feature
Microsoft has released Sysmon 10 today and with it comes the eagerly 
anticipated DNS Query Logging feature. This feature will allow Sysmon 
users to log DNS queries performed on a monitored computer, which will 
also include the executable that performed the query. 

https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-sysmon-10-with-dns-query-logging-feature/


− Bitcoin Causing CO2 Emissions Comparable To Hamburg Or Las Vegas
Although Bitcoin is a virtual currency, the energy consumption associated 
with its use is very real. For a Bitcoin transfer to be executed and 
validated, a mathematical puzzle must be solved by an arbitrary computer
in the global Bitcoin network. The network, which anyone can join, rewards 
the puzzle solvers in Bitcoin.

https://www.eurasiareview.com/14062019-bitcoin-causing-co2-emissions-comparable-to-hamburg-or-las-vegas


− The Tallinn-based NATO cyber defence centre welcomes four new members
The Tallinn, Estonia-based NATO Cooperative Cyber Defence Centre of 
Excellence (CCDCOE) has welcomed four new members – Bulgaria, Denmark, 
Norway and Romania; the centre now has 25 member countries, becoming 
the biggest among 25 NATO-accredited centres of excellence.

https://estonianworld.com/security/the-tallinn-based-nato-cyber-defence-centre-welcomes-four-new-members