Data Security News Headlines 4th October 2017

  1. EtherParty Breach: Another Ethereum ICO Gets Hacked

Etherparty is a contract wizard that removes the complexity of creating, managing and executing smart contracts on any blockchain. The platform allows users with zero knowledge of smart contract programming to create an enforceable, self-executing digital agreement for all types of transactions. According to the latest statement by the company on Sunday that its ICO (Initial Coin Offering) website selling tokens for a blockchain-based smart contract tool was hacked and the address for sending funds to buy tokens was replaced by a fraudulent address controlled by the hackers. Etherparty said the company launched its Fuel token sale on Sunday, October 1 at 9 A.M. PDT, but just 45 minutes, some unknown attackers hacked into its ICO website and replaced the legitimate address by their own, redirecting cryptocurrencies sent by investors into their digital wallet. According to the details released by the Etherparty team, the company detected the hack after just 15 minutes and immediately took its website down for nearly one and half hour to fix the issue, preventing more people from sending funds to the hacker’s address. 11:35 A.M. PDT, the website was rebuilt and switched to a new web server. The company does not disclose any details on how funds were stolen.

Cyber Security Tips:  EtherParty users are strongly recommended that always check the URL and verify the contract address before sending ETH to any ICO.

  1. Google Finds 7 Security Flaws in Widely Used Dnsmasq Network Software

Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and has a small footprint, suitable for resource-constrained routers and firewalls. The Security researchers have discovered not one or two, but a total of seven security vulnerabilities in the popular open source Dnsmasq network services software, three of which could allow remote code execution on a vulnerable system and hijack it. Google’s security team reviewed Dnsmasq and discovered seven security issues, including DNS-related remote code execution, information disclosure, and denial-of-service (DoS) issues that can be triggered via DNS or DHCP. Out of seven vulnerabilities, three can be exploited to perform remote code execution, three can be used in denial of service attacks, and one information leakage flaw. The company has released patches for these vulnerabilities said company spokesperson.

Cyber Security Tips:  Dnsmasq users are advised to update their installations as soon as possible.

  1. 3 vulnerable WordPress plugins affecting 21,000 websites

Plugins are programs made up of one or multiple functions that integrate with a WordPress site to enhance it with new features. According to the Security firm, Wordfence reported that the three exploited vulnerabilities have affected WordPress plugins. Wordfence explained that the vulnerabilities were exploited to install backdoors on WordPress websites and warned the users about the plugins since about 21,000 websites until these are updated with the newly released plugins versions. The vulnerabilities are critical in nature. Sites that run on Flickr Gallery plugin can be exploited by targeting their root URL while the other two require the attacker to aim at the POST request at the admin-ajax.php file. When the hacker successfully tricks the targeted websites into downloading backdoor it is possible to hijack the site within mere minutes according to the news published by Hack read.

Affected plugins, which have now been fixed include:

  1. WPMU Dev’s Appointments (fixed in v. 2.2.2)
  2. Dan Coulter’s Flickr Gallery (fixed in v. 1.5.3) and
  3. CMSHelpLive’s RegistrationMagic-Custom Registration Forms (fixed in v. 3.7.9.3)

Cyber Security Tips:  users and administrators are strongly recommended that update the infected plugins with the latest version.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: