Bulgarian IT expert arrested after disclosing a flaw in kindergarten software

Posted: 30 Jun 2019 01:34 PM PDT

Bulgarian police arrested the IT expert Petko Petrov after he publicly demonstrated a security vulnerability in the kindergarten software used by local kindergartens.

The IT expert Petko Petrov was arrested by the Bulgarian police because he publicly demonstrated the exploitation of a vulnerability in the software used by local kindergartens.

Petrov exploited the flaw to download the details of 235,543 citizens of Stara Zagora, a province in central Bulgaria with over 333,000 inhabitants. He also published a video PoC on Facebook.

Petrov decided to publicly disclose the vulnerability after he attempted, without success, to report it to the company that developed the software and to local authorities.

In the video, the IT specialist launches an attack against the web portal of the local municipality where parents can sign up children for kindergarten. Petrov exploited the issue to access data of Bulgarian citizens.

The Department Civil Registration and Administrative Services (GRAO) stores personal information of the citizens, including names, addresses, marital status, death, parentage, passport data, nationality and relatives – children, brothers and sisters of about 10.5 million citizens.

The expert also shared a link to a GitHub repository containing the PoC code that would allow anyone to exploit the flaw.

The Bulgarian authorities arrested Petrov on Friday; he was detained for 24 hours before being set free.

“On June 26, Petkov published a video on social networks, showing that he managed to get into the system and take the data to about 235,000 people without much effort. The same day the municipality stopped access, and the mayor of the city Zhivko Todorov explained that this was done for the purpose of prevention. According to him, the system was developed by the state-owned company “Information Service”.” reads an article published by the Mediapool website.

“The municipality is the user of their software that has been punctured, and all the answers to be given are theirs and I expect this to happen as quickly as possible. The problem is sufficiently public and if someone has managed to break through the system they have to answer why and how they will overcome the problem, otherwise it does not look serious,” Todorov said.


Immediately after the disclosure of the flaw, Stara Zagora officials temporarily took down the vulnerable software to prevent hackers from exploiting the vulnerability.

The man is accused of illegally obtaining government information under Article 319A of the Bulgarian Criminal Code. He could face from one to three years in prison and a fine of up to 5,000 Bulgarian leva ($2,900).

The mayor of Stara Zagora also attempted to contact Information Services AD, which developed the software, but the company has not yet responded. Todorov explained that the company will have to address the flaw in its software at its own expense.

Petrov warned that the same software is also used in other Bulgarian provinces.

Pierluigi Paganini

(SecurityAffairs – kindergarten software, hacking)

The post Bulgarian IT expert arrested after disclosing a flaw in kindergarten software appeared first on Security Affairs.

Is Your Browser Secure? Here’s How to Secure Your Web Browser Against Attacks!

Posted: 30 Jun 2019 06:25 AM PDT

Internet Explorer, Mozilla Firefox, Google Chrome, or Opera: no matter which web browser you use, here’s what you need to know to protect it against attacks.

There are a number of web browsers available for surfing sites and accessing content. The most popular and widely used are Internet Explorer, Mozilla Firefox, Google Chrome, and Opera. No matter which browser you use, each of them has certain security weaknesses.

Individuals and organizations choose browsers on the basis of features such as interface, download speed, smart features, and compatibility with different sites. But have you ever considered the security of your browser as a selection criterion? Have you ever wondered whether your browser is secure?

These questions may sound unfamiliar, as people often don’t bother about the security of their web browsers. But in reality, web browsers can be as malicious as any other malware. Attackers use different strategies to get at the data on your device, and web browsers are one of their prime means of tracking and spying on your online and offline activities. A malicious web browser can also direct you to unauthorized links while you surf the internet.

How to Secure your Web Browser in just 5 simple ways

Web browsers are at constant security risk, but making them secure is not difficult. You can easily enhance the security of your favorite browser by implementing the following tips.

Updated Versions of Browser

It is recommended to use an updated version of the web browser to enhance its security. Outdated browsers that no longer receive new versions and older versions of current browsers are the most vulnerable to attack. Remember, a hijacker can control your browser only as long as you have not installed any update on it. So it is a good idea to enable auto-updates so that your browser can deal with the latest security concerns. You should also remove any redirect virus from your system if it is infected by one.

Configure Your Browser Settings

A lot is in your hands when it comes to deciding what to allow in your browser and what to limit. Configure your browser settings according to the level of security you require. For example, you can block third-party cookies, which are a major source of tracking of your online activities. You can also limit the password-saving option in your browser to further enhance the security of your browser as well as of your accounts.

Limit Plug-Ins Installation

Plug-ins are the major avenue for attacks on your browser. Only install plug-ins that are essential and authentic.

There are a lot of plug-ins that browsers needed in the past but that are no longer required. Delete all outdated plug-ins from your device and make a habit of removing plug-ins when they are not in use.

Also, keep all the plug-ins installed on your device updated to their latest versions, as this will reduce the security risks.

Install Anti-Virus Software

Anti-virus software is a must-have for your device. It helps detect invading viruses and malware that aim to manipulate the browser settings.

There are small packets of unknown data or ambiguous files known as Potentially Unwanted Programs (PUPs). These program files get installed on your device without your consent whenever you install new software or update an older one. They are aimed at causing damage to the software on your device, including web browsers.

If your device is protected with an updated version of anti-virus software, there is little chance of Potentially Unwanted Programs getting installed on it. If PUPs do make their way onto your device, the anti-virus software will detect their presence and notify you. This will block their access to the software on the device, keeping your browser and other software secure.

Get Alerts

Sign up for Google Alerts to get updates about all the activities on your browser. You can get them for Google Chrome as well as for Internet Explorer.

Browser alerts are often very annoying, as nobody wants to see hundreds of alerts each day. But these same alerts are your prime source of notification if something suspicious happens in your browser. So it is better to put up with the alerts to ensure the safety of your browser.

Browser security is often neglected, and people pay little heed to it. But if this same browser gets hijacked, it can become a tool for the hijacker and serve as a prey source. You can easily secure your web browsers by being a little more cautious about your device security and by staying vigilant while installing anything on your device.

About the author: Susan Alexandra is a Cybersecurity and Privacy Enthusiast. She is a small business owner, traveler and investor of cryptocurrencies. Susan's inbox is open for new ideas and stories, you can share your story ideas to susanalexandra67(at)gmail(dot)com

Pierluigi Paganini

(SecurityAffairs – web browser, hacking)


Security Affairs newsletter Round 220 – News of the week

Posted: 30 Jun 2019 04:44 AM PDT

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.


Expert released PoC for Outlook for Android flaw addressed by Microsoft
Hundreds of million computers potentially exposed to hack due to a flaw in PC-Doctor component
NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point
Trump secretly ordered cyber attacks against Iran missile systems
CVE-2019-10149: Return of the WiZard Vulnerability: Crooks Start Hitting
Free proxy service runs on top of Linux Ngioweb Botnet
OpenSSH introduces a security feature to prevent Side-Channel Attacks
US DHS CISA warns of Iran-linked hackers using data wipers in cyberattacks
WeTransfer incident: file transfer emails were sent to unintended email addresses
Anonymous Belgium hacker identified after dropping USB drive while throwing Molotov cocktail
Iran denies attack against its infrastructure has ever succeeded
Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory
OSX/Linker, a new piece of Mac malware that exploits Gatekeeper bypass
SocialEngineered forum hacked and data leaked online
European law enforcement agencies arrested 6 individuals involved in $27M cryptocurrency theft
Lake City agreed to pay $500,000 in ransom, is the second case in Florida in a week
Malspam campaign spreads LokiBot & NanoCore via ISO image files
Operation Soft Cell – Multiple telco firms hacked by nation-state actor
Silex malware bricks thousands of IoT devices in a few hours
Cisco addressed critical flaws in Cisco Data Center Network Manager
Crooks stole millions from Bitrue Cryptocurrency Exchange
Flaws in EA Games Login exposed accounts of 300 Million Gamers to hack
Flaws in the BlueStacks Android emulator allows remote code execution and more
Similarities and differences between MuddyWater and APT34
US-based Cloud Solution Provider PCM Inc. hacked
Cloud Hopper operation hit 8 of the worlds biggest IT service providers
Italian data protection watchdog fines Facebook over Cambridge Analytica scandal
Regin spyware involved in attack against the Russian tech giant Yandex
Attunity data leak: Netflix, Ford, TD Bank data exposed by Open AWS Buckets
Talos discovered Spelevo EK, an exploit kit spreading via B2B Website

(SecurityAffairs – newsletter)


Vulnerability in Medtronic insulin pumps allow hacking devices

Posted: 30 Jun 2019 03:19 AM PDT

Medtronic and the US government have warned that some Medtronic MiniMed insulin pumps are vulnerable to cyber attacks.

Medtronic and the United States government have warned of a security vulnerability affecting some Medtronic MiniMed insulin pumps that could be exploited by hackers.

The Department of Homeland Security (DHS), Medtronic, and the Food and Drug Administration (FDA) have published a press release about a high-severity flaw affecting insulin pump models belonging to the MiniMed 508 and Paradigm series.

The flaw, tracked as CVE-2019-10964, is an improper access control issue that could be exploited by an attacker with adjacent access to one of the vulnerable insulin pumps to interfere with the wireless RF (radio frequency) communications to or from the product.

An attacker can exploit the flaw to inject, replay, modify, and/or intercept data; the flaw could also allow hackers to change pump settings and control insulin delivery.

“Successful exploitation of this vulnerability may allow an attacker with adjacent access to one of the affected products to intercept, modify, or interfere with the wireless RF (radio frequency) communications to or from the product.” reads the security advisory published by the US-CERT. “This may allow attackers to read sensitive data, change pump settings, or control insulin delivery.”

According to the FDA, Medtronic has identified 4,000 patients in the U.S. who are potentially using insulin pumps affected by the flaw.

The company is providing patients with alternative insulin pumps that implement enhanced cybersecurity capabilities.

The vulnerability was discovered by Medtronic after security experts conducted some studies on these types of devices. The experts who conducted the research are Nathanael Paul, Jay Radcliffe, Barnaby Jack, Billy Rios, Jonathan Butts and Jesse Young.

The vulnerable insulin pumps communicate over wireless RF with other devices such as blood glucose meters, glucose sensor transmitters, and CareLink USB devices.

Experts discovered that the wireless RF communication protocol does not properly implement authentication or authorization.

"The vulnerability allows a potential attacker with special technical skills and equipment to potentially send radiofrequency (RF) signals to a nearby insulin pump to change settings, impacting insulin delivery. This change could result in a patient experiencing hypoglycemia (if additional insulin is delivered) or hyperglycemia (if not enough insulin is delivered)," reads the advisory published by Medtronic.

The good news is that Medtronic is not aware of attacks in the wild.

Patients in the US using the vulnerable insulin pumps are urged to contact their healthcare provider to discuss replacing the devices with a newer model.

For individuals living outside the US, where newer pump models are not available, the vendor suggests that customers adopt mitigations to prevent cyberattacks.

“Medtronic is unable to adequately update the MiniMed 508 and Paradigm insulin pumps with any software or patch to address the devices' vulnerabilities.” concludes the FDA. “The FDA is working to assure that Medtronic addresses this cybersecurity issue, including helping patients with affected insulin pumps switch to newer models with better cybersecurity controls.”

Pierluigi Paganini

(SecurityAffairs – Medtronic, hacking)


Germany and the Netherlands agreed to build TEN, the first ever joint military internet

Posted: 30 Jun 2019 12:58 AM PDT

The governments of Germany and The Netherlands agreed to build the first-ever joint military Internet, so-called TEN (Tactical Edge Networking).

Government officials from Germany and the Netherlands signed an agreement for the building of the first-ever joint military Internet, so-called TEN (Tactical Edge Networking).

The agreement was signed this week in Brussels, during a meeting of NATO defense ministers.

“The accord was signed on Wednesday in Brussels, Belgium, where NATO defense ministers met this week.” reads the post of ZDnet that first reported the news.

“The name of this new Dutch-German military internet is the Tactical Edge Networking, or TEN, for short.”

Tactical Edge Networking (TEN) is the first-ever project that allows states to merge their military networks.

Military and defense analysts believe that in the future, the NATO alliance will create a unique military network for all its members.

The TEN will be located in Koblenz, Germany, while a design and prototype center will be located at the Bernard Barracks in Amersfoort, the Netherlands.

In the first phase of the project, TEN will unify communications between the German army’s (Bundeswehr) land-based operations (D-LBO) and the Dutch Ministry of Defence’s ‘FOXTROT’ tactical communications program.

Under the TEN project, soldiers from both governments will use the same equipment (i.e. computers, radios, tablets, and telephones).

The cost of the overall project will be very high; analysts believe it will reach millions of euros.

TEN’s deployment is expected to cost the two countries millions of euros to re-equip tens of thousands of soldiers and vehicles with new compatible equipment.

According to the German newspaper Handelsblatt, both governments aim at a full integration of the defense networks.

“The digitization of their land forces will tackle the Netherlands and Germany together. The goal: At the latest in the 2030s, the armies of both countries should be networked at all levels and communicate with each other electronically without any restrictions.” reported the Handelsblatt.

“It’s a really big step, we’ve never done so before,” said Dutch Defense Minister Ank Bijleveld-Schouten on Tuesday to Handelsblatt on the sidelines of the meeting of the Nordic NATO defense ministers in Berlin.

Although the Dutch and German armies have already conducted joint foreign missions, they have never exchanged information across national borders.

“Today we cannot even communicate across borders with our radios,” said Bijleveld-Schouten. 

Pierluigi Paganini

(SecurityAffairs – TEN, military)
