Security Wrap-Up (January 19th, 2021)

Happy Tuesday, everyone! We’re back with another Security Wrap-Up and yet another mention of the SolarWinds debacle.

Windows 10 bug corrupts your hard drive on seeing an icon
A new and peculiar Windows 10 bug has emerged that could corrupt a hard drive just by looking at an icon. Attackers can hide a specially crafted line inside a ZIP file, folder, or even a simple Windows shortcut. All a Windows 10 user needs to do is extract the ZIP file or simply look at a folder that contains a malicious shortcut and it will automatically trigger hard drive corruption. It turns out that the vulnerability has existed in Windows 10 for nearly three years. Others have also found that the vulnerability can occur if you simply paste the offending string into the address bar in a browser.

FireEye releases tool for auditing networks for techniques used by SolarWinds hackers
FireEye researchers released a report detailing the techniques used by SolarWinds hackers along with a free tool on GitHub named Azure AD Investigator, which they say can help companies determine if the SolarWinds hackers (also known as UNC2452) used any of these techniques inside their networks. This FireEye report comes as the security firm has spearheaded investigations into the SolarWinds supply chain compromise, together with Microsoft and CrowdStrike. In their 35-page report, FireEye has detailed initial compromise techniques along with detection, remediation, and hardening strategies that companies can apply.

OpenWRT forum suffers data breach
The popular open source OpenWRT forum has been breached and hackers have made off with personal information and details about the platform’s users. An administrator account on OpenWRT was violated as part of the cyber attack, although forum moderators don’t yet know how the account was accessed. The compromised account had a “good password” but two-factor authentication wasn’t enabled. The intruder was able to download a copy of the user list that contains email addresses, handles, and other statistical information about users of the forum. If you are a member of the platform, it may be a good idea to get that password updated!

Cisco won’t patch 74 security bugs in older RV routers that reached EOL
If you’re using an older Cisco router in your network, it might be worth an upgrade now. Cisco advises owners of RV110W, RV130, RV130W, and RV215W devices to migrate to newer gear. All four devices reached EOL in 2017 and 2018 and also recently exited their last maintenance window as part of paid support contracts on December 1st, 2020. In total, they received 74 bug reports, but Cisco said that it won’t be releasing any software patches, mitigations, or workarounds, as the devices had reached EOL years before. CVE identifiers of the bugs are listed in the link above!

Are there any security updates that you’d like to share? Let us know below!
