Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Reposify. Show all posts

Several Critical Flaws Detected in Las Vegas’s Leading Casinos

 

External attack surface management platform, Reposify, has discovered multiple vulnerabilities in the IT networks of Las Vegas’s leading casinos. Recently, Nevada Gaming Control Board (NGCB) issued a warning for all the casino operators and advised them to remain prepared for possible cyber-attacks.

“We can say with certainty that the types of vulnerabilities discovered had the potential to result in financial losses and exposure of sensitive information including personal information of customers,” Reposify spokesperson said.

Researchers from Reposify used an External attack surface management (EASM) platform to detect security loopholes in the IT networks of casinos that might catch attackers’ attention. During their examination, researchers discovered multiple exposures in the network perimeter of a leading Las Vegas casino and also a stack trace of a casino’s purchasing system. 

The security loophole in stack trace allowed researchers to secure details regarding the casino’s backend architecture and other highly sensitive information. Researchers claim that attackers can abuse exposed stack traces to secure access into a casino’s internal networks. In addition, cybersecurity experts also spotted a Microsoft Exchange server with multiple critical flaws. These flaws could allow malicious actors to gain domain administrator rights and execute remote code attacks.

“If attackers managed to gain access to this server, which they could easily do by exploiting the several vulnerabilities this server had, they would be able to see all internal and external communications, launch phishing and ransomware attacks, among others,” Repsoify’s spokesperson told CyberNews in an email.

According to the researchers, one of the casinos did not use multi-factor authentication for logging in to a firewall system, leaving a critical part of security open to credential stuffing and brute force attacks.

“We can say with certainty that the types of vulnerabilities discovered had the potential to result in financial losses and exposure of sensitive information including personal information of customers,” the spokesperson explained. 

Notably, Reposify did not publish the names of the affected casinos and also didn't know whether discovered flaws were abused or not. Consequently, casinos with security loopholes in their IT systems were informed about the findings of the research in an attempt to help them fix the issues. 

“Casinos are considered a lucrative target for attackers, as evident by the numerous recent attacks on such establishments. After reviewing the exposures and unencrypted assets discovered over publicly accessible internet, I urge security teams to take immediate actions to identify and eliminate unknown exposures in their attack surfaces before they fall victim to the next cyber-attack,” Arnon Yosha, a senior security researcher at Reposify, stated.

Over 92% of Pharmaceutical Firms are Prone to Cyber Attacks, New Report Highlights

 

Reposify, the leading external attack surface management platform published its Pharmaceutical Industry Attack Surface Exposures Report analyzing the security status of the world’s leading pharmaceutical firms and their 900-plus branches.

Data analysts at Reposify examined the data covering a two-week period in March 2021 and discovered that 92% of the pharmaceutical companies had at least one exposed database with potential data breach, while 46% had an unmasked Server Message Block (SMB) service. 

SMB is a communication protocol that allows networks within the same system to share files. It also offers an authenticated inter-process communication mechanism. The last time when SMB services were exploited was the infamous 2017 WannaCry cyberattack, targeting 80 NHS trusts across England. 

The Department of Homeland Security and Cybersecurity and Infrastructure Security Agency (CISA) issued an early warning in the response that attackers were leveraging password spraying campaigns in order to target pharmaceutical companies, research firms, and other health care organizations involved in the COVID-19 response. 

Last year, threat actors targeted 53% of pharmaceuticals or biotech companies, including the European Medicines Agency, which led to a breach of Pfizer and BioNTech COVID-19 vaccine data. The average cost of a pharmaceutical industry breach stood at $5.06m in 2020, a sum 1.3 times higher than the global average. 

“The pharmaceutical sector is one of the largest contributors to the global economy and human welfare. But pharmaceutical companies are struggling to protect their distributed network perimeter from increased cyber-attacks coming from well-funded and well-organized hacking groups on the hunt to steal and hold valuable, confidential data for ransom or other nefarious acts,” said Uzi Krieger, CEO of Reposify. 

“COVID-19 is still ravaging parts of the world, variants are spiking, and the safety of clinical research, manufacturing and supply chains have never been so important to humanity, and yet, pharmaceutical companies remain ill prepared and unsecured, spiraling the industry into red level vulnerability to external attacks, “ Krieger added. 

Luckily, of all security flaws uncovered, 72% were categorized in a low-risk category. However, 15% were classified as critical, 7% were high-risk, and 6% were medium risk. The median number of high-severity risks for each firm was 269, while the median of critical flaws per company was 125. These risks were linked to vulnerable software (38%), improper access controls (33%), and potential DDoS (23%), among others.