Squeeze Volume 5 - Christmas Trojans, Bluetooth Car Break-Ins & More!

Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.

Welcome to the fifth edition of the Secjuice Squeeze, where we present a selection of last week's interesting infosec articles, curated for your reading enjoyment in case you missed them! This week's volume was created by Manmeet Singh Bhatia, Miguel Calles, and Chad Calease.

Microsoft releases patch updates for recent Windows zero-day

In November 2019, cybersecurity firm Kaspersky disclosed a zero-day vulnerability in the Google Chrome browser that was being actively used in online attacks dubbed Operation WizardOpium. In case you missed it, in this attack the attackers injected a JavaScript tag into a Korean-language news website, subsequently taking control of it. The injected JavaScript tag would execute malicious scripts in the visitor's browser. This vulnerability was tagged as CVE-2019-13720 with a severity score of 8.8. Google fixed the problem in its latest update of the browser.

In the course of the investigation, Kaspersky revealed that it had discovered another zero-day exploit, this time in Windows, which worked in conjunction with the Chrome vulnerability. Tracked as CVE-2019-1458, this zero-day allowed the attackers to gain escalated privileges on the infected machine. Kaspersky explained, "During our investigation, we discovered that yet another 0-day exploit was used in those attacks. The exploit for Google Chrome embeds a 0-day EoP exploit (CVE-2019-1458) that is used to gain higher privileges on the infected machine as well as escaping the Chrome process sandbox."

In its December 2019 security updates, Microsoft patched a total of 36 vulnerabilities and advised its users about the zero-day vulnerability. The latest developments as reported by Kaspersky can be read in their latest blog post.

Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium

Merry Christmas from EMOTET Trojan Virus

It is a festive time of year and malicious actors are taking advantage. Before you open an email inviting you to a holiday party, stop and be cautious. You might get an email containing an attachment that claims to give you details of a holiday party. The email is written calmly and nudges you toward downloading the attachment. If you open the attachment, it installs a trojan virus that starts sending emails to others and potentially installs a ransomware virus too.

Emotet Trojan is Inviting You To A Malicious Christmas Party
EMOTET Arrives via Spam, Greeting You a Merry Christmas

Just in time for the holidays, the Emotet Trojan gang has started to send Christmas themed emails that they hope will entice you to open their attachments and become infected. They even want you to wear your ugliest Christmas sweater!

K-12 Cybersecurity Act of 2019

Senators introduced a new act to address cybersecurity in K-12 school systems. They recognized that "K–12 educational institutions across the United States are facing cyber attacks." These educational institutions store and maintain personally identifiable information, medical records, family records, and scholastic records (e.g., grades). This is valuable information to hackers. The act proposes that the Department of Homeland Security become more involved.

Senators introduce K-12 Cybersecurity Act
S.3033 - K-12 Cybersecurity Act of 2019

"Hacking Apocalypse!!!"

There's a media frenzy about Ring cameras getting broken into. It's not a "hacking apocalypse" so much as it's people using weak passwords, like 12345.

Terrifying Videos Show Men Hacking Into Home Security Cameras
Ring cameras are meant to help families monitor their homes. But hackers are now using them to spy on and harass people as they sleep.

Third Party Risk Providers

The Pentagon is developing a cybersecurity maturity model with five levels of compliance that correspond to the sensitivity of data being protected. Their vendors and contractors will have to step up their own practices if they want to stay in the game.

Pentagon Wants Contractors to Meet Cybersecurity Requirements | SecurityWeek.Com
The U.S. Defense Department wants companies hoping to obtain defense contracts to demonstrate that they can keep sensitive information safe.

Not Your Grampa's Break-In Tactics

Bluetooth scanners are the new hotness for thieves. They use them to identify valuable devices like laptops, phones, and tablets inside vehicles, making their target-selection more on-point. No more breaking into a nice car just because they "think" there might be something worth stealing inside.

Thieves Are Using Bluetooth to Target Vehicle Break-Ins

Thieves Are Using a New Tactic for Vehicle Break-Ins
How to keep your devices safe when you park at a trailhead

The awesome image used in this article is called Kaneda and was created by Romain Trystram.