PwC Weekly Security Report Edition 70

Upload by : Lee Brooke

This is a weekly digest of security news and events from around the world. Excerpts from news items are presented and web links are provided for further information.

Threats and vulnerabilities: Security vulnerabilities found in select Linksys router models
Threats and vulnerabilities: Flaws in Hyundai app allowed hackers to steal cars
Malware: Internet of things malware Hajime is creating a botnet from 300,000 devices
Top story: Mastercard introduces card with built-in fingerprint scanner

Security vulnerabilities found in select Linksys router models

Security researchers uncover 10 separate issues making thousands of popular Wi-Fi routers susceptible to attack.

IOActive discovers security vulnerabilities in select Linksys router models

IOActive today released information on a number of security vulnerabilities found in more than 20 models of Linksys Smart Wi-Fi Routers.

The vulnerabilities identified, if exploited, could allow attackers to overload a router and force a reboot, deny user access, leak sensitive information about the router and connected devices, and change restricted settings.

IOActive and Linksys have worked together since the findings were disclosed and a security advisory has been issued by Linksys, including a workaround for customers until final firmware updates are posted in the coming weeks.

The research was authored by IOActive senior security consultant, Tao Sauvage and independent security researcher Antide Petit. A blog post on the research and findings was published today.

Sauvage and Petit's research, conducted during Q4 of 2016, included reverse engineering of the firmware, definition of the attack surface and code review and penetration testing of the exposed functions. They uncovered 10 vulnerabilities, ranging from low to high risk, present in over 20 router models in production and distributed widely today. An initial search identified over 7000 vulnerable devices exposed on the internet at the time of the scan.

“A number of the security flaws we found are associated with authentication, data sanitisation, privilege escalation, and information disclosure,” said Sauvage. “Additionally, 11 percent of the active devices exposed were using default credentials, making them particularly susceptible to an attacker easily authenticating and potentially turning the routers into bots, similar to what happened in last year's Mirai Denial of Service (DoS) attacks.”

IOActive informed Linksys of the vulnerabilities in January 2017, and the two companies have been working closely and cooperatively through responsible disclosure to validate and address the issues found. The Linksys security team has been extremely receptive and responsive in working through the findings, addressing the issues uncovered, and taking the necessary steps to protect its consumers.

“Working together with IOActive, we've been able to efficiently put a plan together to address the issues identified and proactively communicate recommendations for keeping customer devices and data secure,” said Benjamin Samuels, application security engineer at Belkin (Linksys Division). “Security is a high priority and by taking a few simple steps, customers can ensure their devices are more secure while we address the r-models/article/652019/

Flaws in Hyundai app allowed hackers to steal cars

South Korean carmaker Hyundai has released updates for its Blue Link mobile applications to address vulnerabilities that could have been exploited by hackers to locate, unlock and start vehicles.

The Blue Link application, available for both iOS and Android devices, allows users to remotely access and monitor their car. The list of features provided by the app includes remote engine start, cabin temperature control, stolen vehicle recovery, remote locking and unlocking, vehicle health reports, and automatic collision notifications.

Researchers at security firm Rapid7 discovered that the app had two potentially serious flaws related to a log transmission feature introduced in December 2016.

Versions 3.9.4 and 3.9.5 of the Blue Link apps upload an encrypted log file to a pre-defined IP address over HTTP. The name of the file includes the user’s email address and the file itself contains various pieces of information, such as username, password, PIN, and historical GPS data.

While the log file is encrypted, the encryption relies on a hardcoded key that cannot be modified. A man-in-the-middle (MitM) attacker — e.g. via a compromised or rogue Wi-Fi network — can intercept HTTP traffic associated with the Blue Link application and access the log file and the data it contains.

The information in this log file can be used by the attacker to locate, unlock and start the targeted vehicle.

Rapid7 has published a blog post detailing the vulnerabilities. ICS-CERT has also released an advisory which rates the MitM issue (CVE-2017-6052) as a medium severity flaw and the hardcoded cryptographic key weakness (CVE-2017-6054) as high severity.

The flaws were discovered by Rapid7 in February and Hyundai patched them in March with the release of Blue Link 3.9.6 for both iOS and Android. The new version removes the log transmission feature and disables the TCP service located at the IP address where the log files were sent. Hyundai has made the app update mandatory for users.

Hyundai said there was no evidence that the vulnerabilities had been exploited for malicious purposes.

While the flaws could have had a serious impact, Rapid7 and Hyundai pointed out that it would have been “difficult to impossible to conduct this attack at scale,” due to the fact that the attacker needed privileged network access in order to exploit the security holes.

The fact that a mobile application provided by a car manufacturer is vulnerable to hacker attacks is not surprising. In the past months, researchers reported finding flaws in many car apps, including from dai-app-allowed-hackers-steal-cars

Internet of things malware Hajime is creating a botnet from 300,000 devices

For many people, there is a growing concern over smart devices becoming connected. While smart devices make day-to-day life more convenient, there is an underlying risk of malware attacking and making use of these devices. One such example is Hajime, an Internet of Things (IoT) malware that is creating a peer-to-peer botnet. Already it has compromised almost 300,000 devices.

Full details about this research are available on the firm’s SecureList meiot-botnet/

Kaspersky Lab recently published its research into Hajime and its unknown end goal. So far, this malware has focused its attention on DVRs, webcams, and routers, but it is capable of attacking any device on the internet. Using a brute-force attack on device passwords, Hajime infects the device, and then conceals itself from the victim. Compromised devices can then be used by Hajime’s creator without the victim’s knowledge.

While a majority of these compromised devices are located in Iran, Vietnam, and Brazil, Kaspersky Lab suggests that IoT owners change their passwords to something more difficult to guess through brute force. Additionally, owners should update their firmware if needed.

First signs of Hajime appeared in October 2016 and it has since developed new ways of spreading. Instead of containing attack code, this malware only contains a propagation module. As it takes over a device, it adds it to an existing peer-to-peer botnet. This network of compromised devices is then used for spam or DDoS attacks.

There are a few networks that Hajime has avoided. These include General Electric, Hewlett-Packard, the U.S. Postal Service, the United States Department of Defense, and a few private networks.

“The most intriguing thing about Hajime is its purpose,” said Konstantin Zykov, senior security researcher at Kaspersky Lab. “While the botnet is getting bigger and bigger, its objective remains unknown. We have not seen its traces in any type of attack or additional malicious activity.”

Mastercard introduces card with built-in fingerprint scanner

Mastercard has unveiled a new card that comes with a fingerprint scanner, allowing consumers to make purchases without the card ever leaving their hands.

It builds on fingerprint scanning technology currently available in smartphones, and can be used at EMV terminals worldwide, the company says.

The technology was tested in South Africa, in two separate trials. One was with Pick n Pay, while the other one was Absa Bank, a subsidiary of Barclays Africa.

The process is simple. You go to your financial institution and enroll for the card. Once registered, your fingerprint is converted into an encrypted digital template and stored on the card.

When shopping, dip the card into the terminal while holding the finger on the sensor. If the fingerprint is a match, the transaction is approved.

"Consumers are increasingly experiencing the convenience and security of biometrics," said Ajay Bhalla, president, enterprise risk and security, Mastercard. "Whether unlocking a smartphone or shopping online, the fingerprint is helping to deliver additional convenience and security. It’s not something that can be taken or replicated and will help our cardholders get on with their lives knowing their payments are protected."

Additional trials are being planned in Europe and Asia Pacific in the coming months.

Said Richard van Rensburg, deputy CEO of Pick n Pay: "We are delighted that this innovation has been trialled for the first time at Pick n Pay stores in South Africa. Biometric capability will mean added convenience and enhanced security for our customers. The technology creates a platform on which we can further our strategy of personalizing the shopping experience in a meaningful way. We have been extremely impressed with the robust and secure nature of the /mastercard-fingerprint-scanner-card/

About PwC

At PwC, our purpose is to build trust in society and solve important problems. We’re a network of firms in 157 countries with more than 2,23,000 people who are committed to delivering quality in assurance, advisory and tax services. Find out more and tell us what matters to you by visiting us at www.pwc.com

In India, PwC has offices in these cities: Ahmedabad, Bengaluru, Chennai, Delhi NCR, Hyderabad, Kolkata, Mumbai and Pune. For more information about PwC India's service offerings, visit www.pwc.com/in

PwC refers to the PwC International network and/or one or more of its member firms, each of which is a separate, independent and distinct legal entity. Please see www.pwc.com/structure for further details.

© 2017 PwC. All rights reserved

For any queries, please contact:
Sivarama Krishnan, sivarama.krishnan@in.pwc.com
Amol Bhat, amol.bhat@in.pwc.com

This report presents the highlights of security news and events from around the world that have been published on external websites.

This publication has been prepared for a general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PwC, its partners, employees and agents do not accept any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. PwC is however available for follow-up on any queries you may have regarding information and IT security. The views, opinions and interpretation shared in the newsletter are strictly of the individual's collating this newsletter and is not necessarily a representation of the firm's views. All images, information, references in this presentation are protected by copyright, trademark, patent, trade secret and other intellectual property laws of the respective publisher. Our sharing of this presentation along with such protected images with you does not authorise you to copy, republish, frame, link to, download, transmit, modify, adapt, create derivative works.

© 2017 PricewaterhouseCoopers Private Limited. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers Private Limited (a limited liability company in India having Corporate Identity Number or CIN : U74140WB1983PTC036093), which is a member firm of PricewaterhouseCoopers International Limited (PwCIL), each member firm of which is a separate legal entity.

GM/April2017-9482
