Cyber Security News Update 7/27/2018

Inmates in an Idaho prison discovered a vulnerability in the system that managed the commissary system in their prison, and by taking advantage of the tables they used to interface with it, which they used to credit themselves with hundreds-of-thousands of dollars in credit. This credit was used to purchase movies, music, and snacks. Prison officials discovered the hack in July, by which time the inmates had taken approximately $225,000. The prison managed to recoup over $60,000 of what was taken, but the rest wasn’t recoverable. The vulnerability has since been removed, and there is no word on what punishment, if any, was levied against the inmates.
Source: Idaho inmates hack prison tablets, steal $225,000 in commissary credits

In a terrifying turn of events, researchers have found a variant of the Spectre attack they’ve dubbed NetSpectre because it (unlike all other known Spectre variants) can attack through a network connection instead of requiring physical access. NetSpectre takes advantage of inherent design quirks that are present in modern machines that allows them to function with the speed we’ve grown used to. By monitoring the way a targeted machine responds to a tailored request it’s possible for NetSpecture to calculate the passkeys and other security information necessary to infiltrate the device without needing to learn the password. NetSpectre is capable of launching from cloud computing services, such as those hosted by Google or Amazon, and can work through Local Area Networks as well. NetSpectre sounds dangerous, and it is, but it was patched out by Intel earlier in the year. As long as your devices are kept up-to-date with security patches they should be safe from Spectre, Meltdown, NewSpectre, NetSpectre, and other derivatives.
Source: NetSpectre — New Remote Spectre Attack Steals Data Over the Network

Another miner malware is making the rounds, named Hidden Bee, which takes advantage of an Adobe Flash vulnerability to install itself. Hidden Bee’s primary attack vector is through advertisements on adult websites that redirect users to targeted pages designed to install the program. These ads appear to be targeted at users in Asian countries, and the attack itself shows an unusually high level of sophistication. The attack is encrypted and requires a hand-shake between the front and back ends of the website for it to actually initiate, which makes it difficult for researchers to analyze and for anti-virus software to catch. This type of attack, which is hidden by obfuscation, is not unknown to the cyber research community but it appears rarely and is an obstacle that makes it difficult to find a fix or even collect the program to study.
Source: Hidden Bee miner spread via download drive-by download toolkit

Max is a Data Privacy Coordinator at a major global law firm and a science fiction author residing in the Philadelphia area. He has been writing for since early 2017.