- Newly Found Malware Uses 7 NSA Hacking Tools
It was over a week ago when the WannaCry ransomware attack started infecting critical cyber infrastructure in more than 150 countries. It targeted Windows users and demanded a ransom payment of $300 in Bitcoin to unlock their files. A security researcher has now identified a new strain of malware that also spreads by exploiting flaws in the Windows SMB file sharing protocol but, unlike the WannaCry ransomware, which uses only two leaked NSA hacking tools, uses seven. According to news published by Hacker News, Miroslav Stampar, a security researcher who created the famous ‘sqlmap’ tool and is now a member of the Croatian Government CERT, has discovered a new network worm, dubbed EternalRocks, which is more dangerous than WannaCry and has no kill switch. The following is a list of the NSA exploits used by EternalRocks:
1. EternalBlue — SMBv1 exploit tool
2. EternalRomance — SMBv1 exploit tool
3. EternalChampion — SMBv2 exploit tool
4. EternalSynergy — SMBv3 exploit tool
5. SMBTouch — SMB reconnaissance tool
6. ArchTouch — SMB reconnaissance tool
7. DoublePulsar — Backdoor Trojan
Cyber Security Tips: You are strongly advised to keep your system up to date, use reputable antivirus software, keep a backup of your data, keep your system password protected, and stay alert to phishing attacks.
- Netgear Now Collects Router ‘Analytics Data’
Netgear has recently pushed a firmware update for its NightHawk R7000 wireless router that adds a remote data collection feature, which collects the router’s analytics data and sends it to the company’s server, according to news published by Hacker News. The collected data includes the number of devices connected to the router, IP address, MAC addresses, serial number, the router’s running status, types of connections, LAN/WAN status, Wi-Fi bands and channels, and technical details about the use and functioning of the router and the Wi-Fi network.
The company said it collects the data for routine diagnostics, to learn how its products are used and how its routers behave. According to Netgear, users can disable this feature.
Cyber Security Tips: Users can disable this feature with the following steps:
1. First, open the router login window by entering http://www.routerlogin.net
2. Log in with your credentials.
3. Go to Advanced → Administration → Router Update, scroll down to the Router Analytics Data Collection section, select the Disable button to turn off router analytics data collection, and click Apply.
- Asterisk Framework Critical DoS Flaws Patched
Asterisk is an open source framework for building communications applications. Asterisk turns an ordinary computer into a communications server. Asterisk powers IP PBX systems, VoIP gateways, conference servers and other custom solutions. The penetration tester Gauci discovered in April that the project is affected by three potentially serious vulnerabilities that can be exploited to cause the system to crash. The vulnerabilities affect all versions of Asterisk 13, 14 and Certified Asterisk 13.13. The issues have been addressed with the release of versions 13.15.1, 14.4.1 and 13.13-cert4. One of the security holes can be exploited by a remote attacker to cause Asterisk to exhaust all available memory by sending a specially crafted Signalling Connection Control Part (SCCP) packet.
Cyber Security Tips: Administrators are strongly advised to update their Asterisk installations with the latest patches.
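To check an installation against the fixed releases named above (13.15.1, 14.4.1 and 13.13-cert4), the following added example classifies a version string; it is not code from the Asterisk project or the original article. The input formats `Asterisk 13.15.0` and `Asterisk certified/13.13-cert3` are assumptions about what `asterisk -V` prints, and the sample strings are constructed.

```python
import re

# Fixed releases named in the article above.
FIXED_STANDARD = {13: (13, 15, 1), 14: (14, 4, 1)}
FIXED_CERT = {(13, 13): 4}  # Certified Asterisk 13.13 -> cert4

# Assumed input formats (not from the article): "Asterisk 13.15.0" and
# "Asterisk certified/13.13-cert3".
_CERT = re.compile(r"(?:certified/)?(\d+)\.(\d+)-cert(\d+)")
_STD = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?")


def classify(version_string):
    """Return 'patched', 'vulnerable' or 'unknown' for a version string."""
    text = version_string.strip()
    if text.lower().startswith("asterisk"):
        text = text[len("asterisk"):].strip()
    m = _CERT.fullmatch(text)
    if m:
        major, minor, cert = map(int, m.groups())
        fixed = FIXED_CERT.get((major, minor))
        if fixed is None:
            return "unknown"  # certified branch the article does not cover
        return "patched" if cert >= fixed else "vulnerable"
    m = _STD.fullmatch(text)
    if m:
        ver = tuple(int(part or 0) for part in m.groups())
        fixed = FIXED_STANDARD.get(ver[0])
        if fixed is None:
            return "unknown"  # branch the article does not cover
        return "patched" if ver >= fixed else "vulnerable"
    return "unknown"  # release candidates, git builds, unparseable input


if __name__ == "__main__":
    # Constructed sample inputs.
    for sample in ("Asterisk 13.15.0", "Asterisk 14.4.1",
                   "Asterisk certified/13.13-cert3", "Asterisk 11.25.1"):
        print(f"{sample:35} {classify(sample)}")
```

A result of `unknown` means the article gives no fixed release for that branch or the string did not parse, so it needs a manual check against the vendor advisories rather than being treated as safe.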