Cyware Daily Threat Intelligence March 23, 2018

GitHub vulnerability scanner
The GitHub vulnerability scanner, that was launched late last year, has discovered over four million bugs in a matter of a few months. These bugs were found through public repositories for known vulnerabilities in RubyGems (Ruby) and NPM (JavaScript). Developers have been notified of these bugs, privately.

Drupal plans to patch a bug
Drupal has issued an advisory to its developers, asking them to reserve some time next week to fix what Drupal terms a “highly critical” flaw in Drupal 7 and 8 core. The advisory notifies of a security release of Drupal 7.x, 8.3.x, 8.4.x, and 8.5.x on March 28th, 2018 between 18:00 – 19:30 UTC.

Chrome OS devices to receive Meltdown and Spectre patches
Google is set to release Chrome OS 66, slated for April 24, on all older Chromebooks with Intel processors in order to mitigate against the Meltdown vulnerability. While Meltdown and Variant 1 can be addressed with software updates, Variant 2 requires additional microcode updates. Atlanta City computers hit
Systems belonging to the city of Atlanta government have been infected with a ransomware. The computer network is currently experiencing outages on various customer-facing applications. A screenshot of a ransomware message demanding a payment of $6,800 to unlock each computer or $51,000 to provide all the keys for affected systems, has been submitted.

Unsecured servers
A researcher came across various servers running etcd, a type of database used by networks to store and distribute passwords and configuration settings, on Shodan search engine. Using a simple script, the researcher could extract 8,781 passwords, 650 Amazon Web services access keys, 23 secret keys, and 8 private keys.