Newsletter

open source and cybersecurity news

October 18, 2023

It's 5:05, October 18, 2023. Time for your cybersecurity and open source headlines

In this Episode:

Marcel Brown:  October 18th, 1985. Nintendo releases the Nintendo Entertainment System in New York and limited other North American markets. An immediate hit, Nintendo released the system nationwide in February of 1986.

Julie Chatman: I’m Julie Chatman in Washington DC with a special message for cyber warriors, especially network defenders. The U. S. National Security Agency and the Cybersecurity and Infrastructure Security Agency have unveiled the Top 10 Cybersecurity Misconfigurations that attackers are hoping to find in your organization’s network and what you can do about them.

Edwin Kwan: Attackers are actively exploiting a zero-day vulnerability in Cisco devices to gain full administrative privileges and take complete control of the device remotely. Attackers have been exploiting this vulnerability since 18th September and over 10,000 devices have been hacked.

Hillary Coover: Ever wonder how satellite imagery data contribute to safeguarding both geopolitics and cybersecurity? This resource really amplifies their capacity to anticipate and address physical security challenges that directly influence cybersecurity.

 

The Stories Behind the Cybersecurity Headlines

 

Edwin Kwan
Over 10,000 Cisco Devices Hacked

Edwin Kwan, Contributing Journalist, It's 5:05 Podcast

Attackers are actively exploiting a zero-day vulnerability in Cisco devices to gain full administrative privileges and take complete control of the device remotely.

This is Edwin Kwan from Sydney, Australia.

Cisco has warned of a maximum-severity authentication bypass zero-day vulnerability in its IOS XE software. The vulnerability allows a remote and unauthenticated user to create a highly privileged account and take control of the system. Cisco devices running IOS XE software include enterprise switches, aggregation and industrial routers, access points, and wireless controllers.

The vulnerability, which is tracked as CVE-2023-20198, does not currently have a fix available. However, it only affects devices that have the web user interface enabled. There are over 140,000 Cisco devices that have their web UI enabled and exposed to the internet. Over 3,500 of those exposed devices are in Australia. It was discovered that attackers have been exploiting this vulnerability since 18th September and over 10,000 devices have been hacked.

The attackers were observed creating local admin accounts with usernames such as ‘cisco_support’ and ‘cisco_tac_admin’.

Cisco recommends applying mitigation measures by disabling the vulnerable HTTP server feature on all internet-facing systems until a patch becomes available and to also look for suspicious or recently created user accounts as potential signs of malicious activity linked to this vulnerability.

Resources
– Gov.AU: https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/cisco-ios-xe-software-web-ui-zero-day-vulnerability
– Bleeping Computer: https://www.bleepingcomputer.com/news/security/over-10-000-cisco-devices-hacked-in-ios-xe-zero-day-attacks/
– Bleeping Computer: https://www.bleepingcomputer.com/news/security/cisco-warns-of-new-ios-xe-zero-day-actively-exploited-in-attacks/
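One way to turn the two recommendations in the story (disable the web UI on internet-facing devices, look for suspicious or recently created accounts) into a repeatable check over a saved running-config. This is an added example, not code from the newsletter or from Cisco; the config it scans is a constructed sample, and the approved-user list and the `$9$placeholderhash` secret are assumptions.

```python
"""Audit a Cisco IOS XE running-config for the two checks in the story:
is the web UI (HTTP/HTTPS server) enabled, and are there local accounts
that match the reported rogue names or are not on an approved list.
Line-oriented text parsing of a saved 'show running-config'."""
import re
from typing import Dict, List

# Account names reported in the story; any account not on the allowlist is flagged too.
KNOWN_ROGUE_USERS = {"cisco_support", "cisco_tac_admin"}

# Constructed sample: an exposed device with the web UI on and a rogue level-15 account.
SAMPLE_CONFIG = """\
hostname edge-rtr-01
!
username netadmin privilege 15 secret 9 $9$placeholderhash
username cisco_tac_admin privilege 15 secret 9 $9$placeholderhash
!
ip http server
ip http secure-server
ip http authentication local
!
end
"""

USERNAME_RE = re.compile(r"^username\s+(\S+)(?:\s+privilege\s+(\d+))?")


def audit_ios_xe_config(config: str, approved_users: List[str]) -> Dict:
    """Return web-UI state, flagged local accounts, and the 'no ...' lines that turn the web UI off."""
    web_ui = {"ip http server": False, "ip http secure-server": False}
    flagged = []
    for raw in config.splitlines():
        line = raw.strip()
        if line in web_ui:  # a negated "no ip http server" does not match, which is the desired result
            web_ui[line] = True
        m = USERNAME_RE.match(line)
        if m:
            user, priv = m.group(1), int(m.group(2) or 1)  # IOS default privilege level is 1
            if user in KNOWN_ROGUE_USERS or user not in approved_users:
                flagged.append({"user": user, "privilege": priv,
                                "known_rogue": user in KNOWN_ROGUE_USERS})
    mitigation = [f"no {cmd}" for cmd, on in web_ui.items() if on]
    return {"web_ui_enabled": any(web_ui.values()),
            "flagged_users": flagged, "mitigation": mitigation}


if __name__ == "__main__":
    print(audit_ios_xe_config(SAMPLE_CONFIG, approved_users=["netadmin"]))
```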

 

Julie Chatman
NSA and CISA: Top ten cybersecurity configuration blunders

Julie Chatman, Contributing Journalist, It's 5:05

I’m Julie Chatman in Washington DC with a special message for cyber warriors, especially network defenders. The U. S. National Security Agency and the Cybersecurity and Infrastructure Security Agency have unveiled the Top 10 Cybersecurity Misconfigurations that attackers are hoping to find in your organization’s network and what you can do about them.

Before I share the list of misconfigurations, it’s important to note that the list leads to two key thoughts about the state of cybersecurity in today’s digital ecosystem.

The first is there seems to be a trend of systemic weaknesses in many large organizations. The second is it’s important for software manufacturers to embrace secure by design principles.

Okay, here’s the list.

  • 1 – Default configurations of software and applications
  • 2 – Improper separation of user administrator privileges
  • 3 – Insufficient internal network monitoring
  • 4 – Lack of network segmentation
  • 5 – Poor patch management
  • 6 – Bypass of system access controls
  • 7 – Weak or misconfigured multi-factor authentication methods
  • 8 – Insufficient access control lists on network shares and services
  • 9 – Poor credential hygiene
  • 10 – Unrestricted code execution

Along with tactics, techniques and procedures that cyber attackers use to exploit these misconfigurations, the NSA and CISA have also shared mitigation recommendations for network defenders and software manufacturers.

For example, they recommend that network defenders remove default credentials, disable unused services, regularly update and automate patching, prioritize patching of known exploited vulnerabilities, and reduce, restrict, audit, and monitor administrative accounts and privileges.

They recommend that software manufacturers embed security controls into product architecture from the start of development and throughout the entire software development lifecycle (SDLC), eliminate default passwords, provide high quality audit logs to customers, and implement phishing resistant multi-factor authentication for privileged users.

You can find detailed mitigation information in the October 5th Joint Cybersecurity Advisory from CISA and the NSA. Visit 505updates.com for a transcript of this recording and links to the advisory, as well as the CISA Known Exploited Vulnerabilities Catalog, and information about implementing phishing resistant multi-factor authentication.

Stay safe out there!

Resources
– CISA: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-278a
– CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

 

Hillary Coover
Safeguarding Nations: The Crucial Role of Satellite Imagery Data

Hillary Coover, Contributing Journalist, It's 5:05 Podcast

Ever wonder how satellite imagery data contribute to safeguarding both geopolitics and cybersecurity?

Hi, this is Hillary Coover in Washington, DC.

I’ve highlighted the multitude of publicly and commercially accessible data sources, underscoring the profound strategic significance that emerges when harnessed effectively.

The sphere of satellite imagery data, as exemplified by the recent investigative work by the Wall Street Journal, unveils some serious insights. Specifically, the meticulous scrutiny of perimeter fencing alterations surrounding critical facilities in Belarus has unveiled heightened nuclear warhead activities.

Satellite data analysis has revealed a surge in the presence of Iskander missiles, a Russian weapon system designed for nuclear warhead delivery. The discernible increase in Iskander deployment within Belarus distinctly amplifies Russia’s capacity to expedite a nuclear weapon launch in closer proximity to Ukraine and other NATO member states.

Satellite imagery data serves as a remarkable tool not just for identifying geopolitical threats, but also for affording cybersecurity efforts a more comprehensive perspective when evaluating vulnerabilities concerning vital infrastructure, supply chains, and data centers. This resource really amplifies their capacity to anticipate and address physical security challenges that directly influence cybersecurity.

What kinds of strategic security posture insights could you gather for your own interests from satellite imagery data? For a link to the Wall Street Journal video, check out 505updates.com.

Resources
– Wall Street Journal: https://www.wsj.com/video/satellite-images-show-russia-increasing-nuclear-capability-in-belarus/331FB832-177F-474C-995D-2BFB12C3D23B.html

 

Marcel Brown
This Day, October 18, in Tech History

Marcel Brown, Contributing Journalist, It's 5:05 Podcast

This is Marcel Brown serving up some technology history for October 18th.

October 18th, 1958. In what could be considered the world’s very first video game, William Higinbotham and Robert Dvorak, Sr. show off a tennis simulator game they called Tennis for Two. Developed on a Donner Model 30 analog computer using an oscilloscope, it is the first known electronic game to use a graphical display.

Higinbotham and Dvorak developed the game to show off to visitors to the Brookhaven National Laboratory where they worked. The game was only shown off twice, during the laboratory’s annual visitors day. While hundreds of visitors lined up to play the game when it was made available, little was known about the game for decades. While somewhat similar in gameplay to the later hit Pong, there is no known direct relationship between the games.

October 18th, 1985. Nintendo releases the Nintendo Entertainment System in New York and limited other North American markets. An immediate hit, Nintendo released the system nationwide in February of 1986.

Along with the NES, Nintendo released 18 games that day, including 10-Yard Fight, Baseball, Clu Clu Land, Donkey Kong Jr. Math, Duck Hunt, Excitebike, Golf, Gyromite, Hogan’s Alley, Ice Climber, Kung Fu, Mach Rider, Pinball, Stack-Up, Tennis, Wild Gunman, Wrecking Crew, and of course, Super Mario Brothers.

That’s your technology history for today. For more, tune in tomorrow and visit my website thisdayintechhistory.com.

Resources
https://thisdayintechhistory.com/09/18
