Weekly Magazine - 04.6.2020

Cyber News JUNE 4th, 2020 | #3 TOP POINTS The goal of Iran’s cyber attack on Israeli water sources: to increase the level of chlorine in drinking water. Research conducted by Reposify, a cyber company, reveals the reason behind multiple directed attacks in the financial sector Activist hackers are destroying government websites Critical security breach using “Enter with Apple” identification allows user account theft Security fault in ARMv7 lets hackers control smart cars Data leak on India’s national e-payments app exposes 7.26 million users ATTACKS The goal of Iran’s cyber attack: raising the chlorine content in Israel’s drinking water Financial Times Magazine publicized the reason for the cyber attack at the start of April based on remarks from a senior official in the west. The attack on Israel’s water infrastructure by Iran aimed to increase the amount of chlorine in water pumped into Israeli homes. A senior Israeli official said that the attack opened up the possibility of a “dangerous and unanticipated scenario.” The attack was conducted with Iranian malware which made use of transitions between servers in the USA and in Europe as a means of camouflaging the attacker’s source. The attack could have caused a situation where citizens and farms were left without water during the weeklong heatwave. The attack was thwarted by the water installation’s security system which shuts down on detecting excess chemical usage. www.helena-sec.com Helena-sec Helenasec [email protected]

ATTACKS Target: the financial sector In a study carried out by the cyber organization Reposify, recent multiple attacks focused on the financial sector, for obvious reasons: - 23% of banks worldwide had at least one incorrectly defined data base, leaving it open to exposure. Severe data leaks resulted. - In 54% of banks at least one RDP server allowing remote access was identified as exposed to internet users. - 31% of banks were found to have weaknesses in their critical RCE type security, enabling malware to be injected. Various recent cyber attacks, such as the attack against the Costa Rica National Bank in which the attackers published a document containing 4 million clients’ credit card details, confirm the study’s findings. The George Floyd protests: Hackers destroy government websites The death of George Floyd following excessive restraint by an American police officer has aroused protests and ongoing waves of rioting and violence. Activist hackers have voiced their protest by attacking and defacing American government websites, replacing screen views with photos of George Floyd and the hashtag #GeorgeFloydMurder. Attacked sites include: - Minneapolis Police website - UN Civil Society website The https://maintenance.un.org site shows a notification to surfers that maintenance is currently being conducted to repair the site. In addition to Floyd’s photo, Geoffrey Epstein’s “Black Book”, containing testimony and anecdotes describing horrific actions linked to him, has been leaked. SECURITY BREACHES Do you use Sign in with Apple for third party services? You could have been exposed to a critical security breach CISCO security investigators recently discovered a serious fault in the ARMv7 processor which allows hackers to take control of smart cars. The vulnerability, discovered on an external web server, made it possible for attackers to destroy the background processes and run remote malware (RCE) on the server. Taking over the server hands the attackers full control over smart cars linked to it. The vulnerability was reported and repaired. www.helena-sec.com Helena-sec Helenasec [email protected]

DATA LEAK Data leak in India’s national payments corporation app exposed details of 7.26 million users Security investigators Noam Rotem and Ran Locar of VpnMentor recently reported on an AWS server being used by the popular Indian e-payments app. Incorrectly defined, it enabled access to more than 400 GB of data on 7.26 million app users. Exposed data included financial details and sensitive information. After locating the data, the two investigators approached service developers but, receiving no reaction, contacted India’s national CERT and transferred their report. CERT diverted the information to the local CERT service and the problem was repaired. Had the information gotten into the wrong hands, it could have been used for a wide range of criminal activities such as identity theft, money fraud, tax offenses and more. THIS WEEK’S RECOMMENDATION: IF IT’S NOT IN YOUR SCHEDULE, IT WON'T HAPPEN! Want to be sure your devices are protected? Slot a weekly reminder to scan your devices for viruses and malwares. Remember! Ongoing maintenance prevents risks.