
Contents

  • Security News
  • Latest Vulnerabilities
  • Thought Leadership – Upcoming Con Talks

Top Security News

Gandcrab Maybe Not Retired After All

Brian Krebs recently published a new piece on the malware author known as ‘Gandcrab’, who claimed to have retired a while back after pocketing over 150M worth of ransom payments. They appear to have re-branded as “REvil” instead. This comes after several groups released decryption tools for most/all of the original Gandcrab malware.

https://krebsonsecurity.com/2019/07/is-revil-the-new-gandcrab-ransomware/

Logic Bomb = Jail Time

A contractor working for Siemens has pled guilty to planting a logic bomb in a company Excel spreadsheet in order to guarantee job security. The logic bomb was set up to cause issues with the Excel file when it was opened past a certain date, resulting in the need to contract for more help. The contractor now faces up to 10 years in prison and a $250,000 fine.

https://www.zdnet.com/article/siemens-contractor-pleads-guilty-to-planting-logic-bomb-in-company-spreadsheets/

Equifax Breach Fine is $700M

On Monday the 22nd, the FTC reached a settlement with Equifax under which the company will pay a minimum of $575 million and up to $700 million as a result of the historic data breach from 2017. It was revealed during the investigation that some consumers have been victims of identity theft as a result of the breach. Many records that can be traced back to Equifax have been found on the dark web.

Although the settlement is a record-breaking fine, many do not think that the punishment goes far enough, and the price of Equifax shares even rose in the wake of the settlement.

https://www.wired.com/story/equifax-fine-not-enough/


Recent Vulnerabilities

Palo Alto VPN Vulnerabilities and more!

In a blog post published ahead of an upcoming talk at Black Hat, security researchers disclosed a vulnerability that was discovered in Palo Alto’s GlobalProtect SSL VPN server last year. This has potentially become a serious issue because Palo Alto decided to patch the issue silently: they did not issue an advisory or CVE to bring attention to the need to upgrade when they issued a patch last year. Further, researchers have estimated that upwards of 30% of PA devices remain unpatched, and using the exploit is said to be trivial.

The researchers also found similar issues in other VPN appliances from Fortinet and Pulse Secure – details will be coming soon.

https://techcrunch.com/2019/07/23/corporate-vpn-flaws-risk/

Thought Leadership – Upcoming Talks

Recently, the VDA Labs team has had a number of talks accepted to notable conferences, continuing to share our expertise and thought leadership with the security community. Below are opportunities to see our team speak:

DerbyCon – September 6-8

Using Next Generation Fuzzing Tools
Presented by Jared DeMott and John Stigerwalt

Old Tools, New Tricks: Hacking Web Sockets
Presented by Michael Fowl and Nick Defoe

GRRCon – October 24-25

Reverse Engineering Malware for N00bs
Presented by Greg Hatcher and James King