Table of Contents

  1. Y2K20
    1. Parking Meter Software Glitch Causes Citywide
    2. U-Bahn breakdown, 95 vehicles failed in Hamburg
    3. Cash registers in Poland fail due to new year bug
    4. Star Wars Jedi: Fallen Order and WWE 2K20 are not launching due to a “2020” bug
  2. Ransomware
    1. Clop Ransomware Now Kills Windows 10 Apps and 3rd Party Tools
    2. FBI Warns of Maze Ransomware Focusing on U.S. Companies
    3. Ransomware Attack Topples Telemarketing Firm, Leaving Hundreds Jobless
    4. Big Game Ransomware being delivered to organisations via Pulse Secure VPN
  3. Malware
    1. Researcher Spots New Tricks in Web Payment Card Skimmers
    2. Travelex Knocked Offline by System-Wide Malware Attack
  4. Facebook
    1. Police Tracked a Terror Suspect — Until His Phone Went Dark After a Facebook Warning
  5. Exploit development
    1. Malformed zip archive bypasses AV scans
    2. Microsoft Edge (Chromium) – Elevation of Privilege to Potential RCE
  6. Vulnerabilities
    1. 3 Critical Bugs Allow Remote Attacks on Cisco NX-OS and Switches
  7. Politics
    1. U.S. Government Issues Warning About Possible Iranian Cyberattacks
  8. Crime
    1. Cybercriminals Fill Up on Gas Pump Transaction Scams Ahead of Oct. Deadline
    2. Colorado Town Wires Over $1 Million to BEC Scammers
  9. Hardware
    1. New USB cable kills your Linux laptop if stolen in a public place
  10. Science
    1. A computer made from DNA can compute the square root of 900

Y2K20

Parking Meter Software Glitch Causes Citywide

The Department of Transportation said in a statement that parking meters are not currently accepting credit card payments and pre-paid parking cards. But this is actually a global problem stretching all the way to Australia, as there are tons of cities around the world that use the same software: "The outage was caused by a configuration error in the credit-card payment software used by Parkeon, a vendor for automated parking systems around the world," the DOT wrote. "The software in the model of Parkeon meter used in New York City had established an end date of January 1, 2020 – and had never been updated by the company. Cities worldwide using the same meters/software began seeing a series of cascading credit card rejections, starting in Australia, as the calendar reached that date."

U-Bahn breakdown, 95 vehicles failed in Hamburg

Just in time for the turn of the year there were problems with the Hamburg subways again. 95 of the 120 new DT5 vehicles had failed, and the ticket machine prints tickets for the year 2040. According to Hochbahn, some of the vehicles did not tolerate the software update well. Now there is good news: From Saturday all DT5 vehicles will roll again. The update caused an error in a number of the new DT5 trains: "The vehicles cannot start after turning", said a spokesman for Hochbahn. So a new update was needed to get the damaged trains back on the move.

Cash registers in Poland fail due to new year bug

Due to a bug in the software of popular Delio cash registers, Novitus companies are unable to operate today. They cannot accept payments from customers in cash or by card. They are not able to issue a receipt.

Star Wars Jedi: Fallen Order and WWE 2K20 are not launching due to a “2020” bug

Fallen Order and WWE 2K20 are currently not launching at all for all PC gamers. According to numerous reports, PC gamers are crashing to desktop while trying to run these two games. From the looks of it, this is mainly caused by the Denuvo anti-tamper tech. However, there is a workaround for this issue.

Ransomware

Clop Ransomware Now Kills Windows 10 Apps and 3rd Party Tools

The Clop Ransomware continues to evolve with a new and integrated process killer that targets some interesting processes belonging to Windows 10 apps, text editors, programming IDEs and languages, and office applications. When the Clop Ransomware started circulating in February 2019, it was just your normal garden variety CryptoMix ransomware variant with the same features we have been seeing in this family since 2017.

FBI Warns of Maze Ransomware Focusing on U.S. Companies

Organizations in the private sector received an alert from the F.B.I. about operators of the Maze ransomware focusing on companies in the U.S. to encrypt information on their systems after stealing it first. The warning came less than a week after the Bureau warned about the LockerGoga and MegaCortex ransomware threats infecting corporate systems.

Ransomware Attack Topples Telemarketing Firm, Leaving Hundreds Jobless

Days before Christmas, employees found out that The Heritage Company had been hit by a ransomware attack and was “temporarily suspending operations.” A ransomware attack reportedly caused an Arkansas-based telemarketing company to temporarily suspend its operations, leaving hundreds of employees unsure that they still had jobs days before Christmas. The Heritage Company, a 61-year-old telemarketing firm that works with nonprofit organizations, sent a letter to its more than 300 employees saying it has lost hundreds of thousands of dollars due to the attack. The letter was obtained by local media.

Big Game Ransomware being delivered to organisations via Pulse Secure VPN

Back in April 2019, Pulse Secure issued an advisory for their Zero Trust VPN product, warning organisations of an out-of-cycle patch which fixed a vulnerability in their product Pulse Connect Secure. That vulnerability is incredibly bad — it allows people without valid usernames and passwords to remotely connect to the corporate network the device is supposed to protect, turn off multi-factor authentication controls, and remotely view logs and cached passwords in plain text (including Active Directory account passwords). But people are bad with updates. So there are still lots of vulnerable machines on the internet, many belonging to governments too.

Malware

Researcher Spots New Tricks in Web Payment Card Skimmers

E-commerce sites have been under siege from cybercriminals who seek to sneak malicious code into checkout processes. A researcher has found two new methods that payment card number thieves are using to try to stay under the radar. The attackers are sometimes referred to as Magecart, a name for a slew of groups that steal payment card numbers. These attackers often capitalize on vulnerabilities in e-commerce software or other security mistakes that allow for the injection of malicious JavaScript, dubbed sniffers or skimmers (see: Magecart Cybercrime Groups Harvest Payment Card Data). One of those newly employed methods is steganography, which involves hiding code in something that appears to be benign, such as an image file. A Twitter user, @affablekraut, recently disclosed the discovery of a credit card skimmer disguised as an image, writes Jerome Segura, director of threat intelligence at Malwarebytes.

Travelex Knocked Offline by System-Wide Malware Attack

The foreign-currency-exchange giant said that it has been hit by a virus, affecting retail customers and banking partners alike. A “computer virus” has forced foreign currency exchange giant Travelex to shut down its online services and its app – leaving its retail locations to carry out tasks manually and many customers stranded without travel money. Its global banking partners have also been left adrift with no way to buy or sell foreign currency.

Facebook

Police Tracked a Terror Suspect — Until His Phone Went Dark After a Facebook Warning

A team of European law-enforcement officials was hot on the trail of a potential terror plot in October, fearing an attack during Christmas season, when their keyhole into a suspect's phone went dark. WhatsApp, Facebook Inc.'s popular messaging tool, had just notified about 1,400 users – among them the suspected terrorist – that their phones had been hacked by an "advanced cyber actor." An elite surveillance team was using spyware from NSO Group, an Israeli company, to track the suspect, according to a law-enforcement official overseeing the investigation.

Exploit development

Malformed zip archive bypasses AV scans

Many antivirus products suffer from a malformed archive bypass vulnerability. The parsing engine supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating a ZIP archive Compression Information Field so that the archive can be accessed by an end user but not by the antivirus software.

Microsoft Edge (Chromium) – Elevation of Privilege to Potential RCE

A security researcher has received bounties for discovering the first valid vulnerabilities in the new Chromium-based Edge browser.

Vulnerabilities

3 Critical Bugs Allow Remote Attacks on Cisco NX-OS and Switches

Cisco patched three authentication bypass bugs tied to its DCNM platform used to manage NX-OS. Cisco Systems has issued patches for three critical vulnerabilities impacting a key tool for managing its network platform and switches. The bugs could allow an unauthenticated, remote attacker to bypass endpoint authentication and execute arbitrary actions with administrative privileges on targeted devices, the vendor said.

Politics

U.S. Government Issues Warning About Possible Iranian Cyberattacks

Former U.S. officials and security experts said there is precedent for such concerns amid years of tit-for-tat cyber-attacks between the two countries. As recently as June, after the U.S. sent additional troops to the Middle East and announced further sanctions on Iran, cyber-attacks targeting U.S. industries and government agencies increased, the Department of Homeland Security said at the time. In a tweet after the airstrike on Thursday, Christopher Krebs, director of the U.S. Cybersecurity and Infrastructure Security Agency, repeated a warning from the summer about Iranian malicious cyber-attacks, and urged the public to brush up on Iranian tactics and to pay attention to critical systems, particularly industrial control infrastructure.

Crime

Cybercriminals Fill Up on Gas Pump Transaction Scams Ahead of Oct. Deadline

Gas stations are gearing up for a major change in credit-card fraud liability in October, when they will find themselves on the hook for card-skimming attacks at the pump. In the meantime though, cybercriminals will be targeting pay-at-the-pump point-of-sale mechanisms with a vengeance, researchers say. Fuel pumps represent a last bastion of non-encrypted transactions. Unlike when customers pay inside, the pump mechanism doesn’t require a chip-and-PIN or chip-and-signature scheme, which have built-in encryption and can thwart most amateur card-skimming efforts. Instead, swiping one’s card and using the magnetic strip is the norm.

Colorado Town Wires Over $1 Million to BEC Scammers

The Colorado town of Erie lost more than $1 million to a business email compromise (BEC) scam that ended with the town's employees sending the funds to a bank account controlled by scammers. BEC (otherwise known as Email Account Compromise) is a type of financial fraud in which crooks, via computer intrusion or social engineering, deceive an organization's employee into wiring funds to attacker-controlled bank accounts.

Hardware

New USB cable kills your Linux laptop if stolen in a public place

A software engineer has designed a so-called USB "kill cable" that works as a dead man's switch to shut down or wipe a Linux laptop when the device is stolen off your table or from your lap in public spaces like parks, malls, and internet cafes.

Science

A computer made from DNA can compute the square root of 900

A computer made from strands of DNA in a test tube can calculate the square root of numbers up to 900. Chunlei Guo at the University of Rochester in New York state and colleagues developed a computer that uses 32 strands of DNA to store and process information. It can calculate the square root of square numbers 1, 4, 9, 16, 25 and so on up to 900.