In this week's digest, we cover critical vulnerabilities discovered in a variety of devices, malicious insider attacks and the largest DDoS ever recorded.
1. Siemens PLCs are affected by critical vulnerabilities that could allow attackers to launch DoS attacks and change the configurations of the devices. The German giant has yet to release patches for the vulnerabilities, but it suggests that customers apply defence-in-depth measures to reduce the risk. The vulnerabilities can be exploited by sending specially crafted packets to the targeted system.
2. A South African bank will now have to replace more than 12 million customer cards after employees printed and stole its master key. This allowed the malicious employees to alter banking information, which led to the theft of more than $3.2 million from customer accounts. Replacing all the customer cards is expected to cost more than $58 million.
3. We continue with new vulnerabilities, as a zero-day flaw present in millions of IoT devices has been found. The vulnerability exists in a TCP/IP stack library which is used by a variety of vendors, including HP, Intel and other Fortune 500 companies. Some of these vulnerabilities, if exploited, could allow remote code execution, while others would enable an attacker to achieve sensitive information disclosure, DoS and more.
4. In other news, social media research group Graphika released a report detailing the activities of a new Russian information operation which targets the political landscape in Europe and North America. The group has been operating since 2014, and it has been relying on fake news articles, fake leaks and forged documents to generate political scandals in the targeted countries. Among the group's focuses are portraying Europe as weak and divided, Muslims as aggressive invaders, the Russian government as the victim of Western hypocrisy and many more.
5. We continue our digest with the largest DDoS attack ever recorded. The attack affected certain websites hosted by a large service provider. Even though not much information about the attack has been disclosed, we know that it was a 1.44 Tbps DDoS, which is bigger than the 2018 DDoS against GitHub. Following the first attack, a second one, at 500 Mbps, was conducted against another website hosted by the same provider.