Meta stored passwords in plaintext

Meta Platforms has been fined by the Irish Data Protection Commission (DPC) for storing millions of Facebook and Instagram users’ passwords in unencrypted form. This security incident happened in March 2019, and an investigation revealed that the company violated four different articles of the European Union’s General Data Protection Regulation (GDPR).

“It is standard that user passwords should not be stored in unencrypted form,” said DPC Deputy Commissioner Graham Doyle in a press statement.

In response to the $101 million fine, Meta said it took “immediate action” to correct the error when it discovered it.

This is one of the most significant data protection decisions in Europe in recent years.

Fixed CUPS vulnerability could lead to increased DDoS attacks

In the last Security Sunday we informed you about a new critical vulnerability in CUPS. Akamai researchers have now discovered that the patched flaw can be exploited by attackers to amplify a DDoS attack by up to 600 times.

To initiate such an attack, an attacker needs to send only one packet to the CUPS service exposed online. Akamai researchers estimate that about 58,000 of the more than 198,000 servers exposed to the Internet are vulnerable.

Most of these vulnerable machines were running outdated versions of CUPS (some even dating back to 2007), making them easy targets for attackers to exploit to create botnets or use to amplify DDoS attacks.

Executing this DDoS amplification attack requires minimal resources and little time. Akamai warns that an attacker could easily take control of every exposed CUPS service on the Internet in a matter of seconds. Administrators are urged to deploy patches or disable the cups-browsed service to prevent potential attacks and reduce the risk of their servers being added to a botnet or used in DDoS attacks.


The manufacturing industry is a prime target for ransomware groups

According to the Black Kite study, the manufacturing sector accounts for 21% of the total volume of ransomware attacks, putting manufacturing companies at significant risk. This is more than three times the volume of attacks seen in other sectors.

Of the 5,000 companies surveyed, 80% of manufacturing companies were found to be running applications with vulnerabilities rated critical under CVSS.

Ferhat Dikbiyik of Black Kite recommends deploying patch management, which is often neglected in the industry, as a first line of defense. “A large proportion of these organisations have systems connected to the internet. These systems are likely to be full of vulnerabilities and present an easy target for attackers. These vulnerabilities should be addressed as soon as possible,” Dikbiyik said.


Critical vulnerability in NVIDIA Container Toolkit allows host system control

A critical vulnerability was discovered in the NVIDIA Container Toolkit that affects all AI applications, in cloud or on-premises environments, that use the toolkit to access the GPU.

The vulnerability, tracked as CVE-2024-0132, allows attackers to perform privilege escalation, escape the container, and gain full access to the host system.

The NVIDIA Container Toolkit is pre-installed on many AI platforms, as it is the standard tool for accessing the GPU when NVIDIA GPUs are used.

According to Wiz Research, more than 35% of cloud environments are at risk.

Wiz researchers discovered the vulnerability and reported it to NVIDIA on September 1. The manufacturer released a patch a few days later. Affected users are advised to upgrade to NVIDIA Container Toolkit version 1.16.2 and NVIDIA GPU Operator 24.6.2.