
Cyber News Rundown: Over 100 Lenovo laptop models patched after exploit discovery

Userlevel 7
Badge +2

Three vulnerabilities found in over 100 Lenovo laptop models were recently discovered and quickly patched by the computer company. In other cybersecurity news, criminals drained over $80 million in cryptocurrency after exploiting the flash-loan protocols of the decentralized financial system Beanstalk.

Hackers use flash-loan tactic to steal $182 million

Attackers exploited the flash-loan protocols of the Beanstalk decentralized financial system and forced through a malicious proposal that drained over $80 million in cryptocurrency. The exploit resulted in a net loss of $182 million, as the attackers used a majority voting stance to instantaneously authorize a transaction without any collateral. Their majority stance was based on their valued quantity of stablecoins. Meanwhile, officials are still working to investigate the attack and provide some response to the shareholders and clients looking for reimbursement.

Funky Pigeon retailer suffers cyber-attack

Following a cyber-attack on their core systems, gift card retailer Funky Pigeon has been forced to suspend all orders until they have concluded their investigations into the breach. While they are still working to determine if any customer information was compromised, they have already begun contacting their entire customer base to inform them of the incident.

Lenovo patches vulnerabilities that affect over 100 laptop models

Researchers discovered three vulnerabilities in the UEFI firmware of at least 100 Lenovo laptop models. The vulnerabilities allow hackers to install malicious firmware that can be extremely difficult to detect or remove. Two of the vulnerabilities are based on partially deactivated firmware drivers that are only used during manufacturing but can be used to compromise the BIOS control bits and disable device protections before booting. The third vulnerability builds on the first two by allowing an attacker to install malicious firmware if the system is booted up into system management mode. This mode has high-level permissions and can make changes at the operating system level without additional authentication.

GitHub repositories compromised by stolen OAuth tokens

Officials for GitHub identified multiple private repositories containing GitHub files that were downloaded by an unauthorized user who had gained access by misusing third-party OAuth user tokens. GitHub confirmed none of their systems were compromised, and they have contacted the third-party organizations to revoke all access tokens. They continue to monitor user activity for anything suspicious.

Microsoft takes down ZLoader botnet

Along with a series of research firms, Microsoft finalized the infrastructure takedown of the ZLoader botnet. They’re currently seeking court approval to seize 65 domains that were being used to spread their malware to a variety of vulnerable industries. Though Microsoft has confirmed that they have not removed every instance of ZLoader, they are still working with law enforcement and regional ISPs to identify any remaining infections.


21 replies

Userlevel 7
Badge +4

Lots of cyber news there. The funky pigeon one is the most serious one to me since 3 people were unable to send me my birthday card for Wednesday as their order got blocked! 

Userlevel 7
Badge +5

That Lenovo article makes me really glad we don’t sell Lenovo.

Userlevel 7
Badge +4

Yes. Me too. There’s been a few Lenovo concerns recently

Userlevel 7
Badge +5

That flash loan story is also fascinating. Seems like cryptocurrency is such a huge target. I keep thinking I should be investing in some kind of crypto, but I don’t have enough confidence it will remain safe.

Userlevel 7
Badge +4

Same for me. Thanks for your other article about keeping crypto safe. I’ve been looking for a while about whether to invest and just don’t have the confidence to risk my family’s future.

Userlevel 7
Badge +4

Lots of cyber news there. The funky pigeon one is the most serious one to me since 3 people were unable to send me my birthday card for Wednesday as their order got blocked! 

Happy birthday for Wednesday!

Userlevel 7
Badge +4

Lots of cyber news there. The funky pigeon one is the most serious one to me since 3 people were unable to send me my birthday card for Wednesday as their order got blocked! 

Happy birthday for Wednesday!

Cheers James! I was working but got plenty of cake!

Userlevel 7
Badge +4

Lots of cyber news there. The funky pigeon one is the most serious one to me since 3 people were unable to send me my birthday card for Wednesday as their order got blocked! 

Happy birthday for Wednesday!

Cheers James! I was working but got plenty of cake!

I think we can both agree that is the most important thing!

Userlevel 7
Badge +4

Definitely. Presents are ok, but there has to be cake! 😄

Userlevel 6
Badge +1

The Lenovo article was of most interest to me as we use Thinkpads internally. Thankfully we are not impacted by this issue. Always good to be aware either way. 

Userlevel 7
Badge +4

Thank goodness we swerve Lenovo laptops!

Userlevel 7
Badge +22

So I like to consider myself very careful with my machines and with tools and software to help protect me, and every time I read one of these, I wonder just how long before I get snagged by one of these exploits.  Thank you for the news update. 

Userlevel 6
Badge +6

Every time a breach such as “Funky Pigeon” happens I always groan… So many people use the same passwords for their online shopping that I just know that someone who did use that site will soon get hit on another, as they don’t change passwords on other sites after this sort of thing happens.

Userlevel 4

I am glad we just retired all our old Lenovo laptops :)

Userlevel 5
Badge +5

Put me in the No Lenovo camp.

The GitHub story is scary.

Userlevel 7
Badge +22

Damn, used to love Lenovo products a long while back. They were very solidly built devices. Kind of sad to read that.

And who is Funky Pigeon? That was a name I did not know. That attack is really awful.

And happy belated Wednesday birthday.

Userlevel 7
Badge +4

Damn, used to love Lenovo products a long while back. They were very solidly built devices. Kind of sad to read that.

And who is Funky Pigeon? That was a name I did not know. That attack is really awful.

And happy belated Wednesday birthday.

Thanks for the birthday wishes. As for Funky Pigeon, it is one of the most popular online card and gift websites in the UK. I’ve noticed this morning that their website is allowing orders again and no longer has the top banner warning about the security hack.

Userlevel 4
Badge +2

The Lenovo problem has a BIOS update fix which you can run from Windows like any other patch. The Vantage program does not seem to pick the new BIOS update up yet. That’s a serious oversight. But you can get the BIOS from Lenovo’s website.

It’s a local exploit, so more akin to the spy-thriller “put a USB in and take over the machine” scenario. However, as it’s so low level it could go undetected, so it should be fixed. We’ve patched a fair few machines on the 100+ list already. Knowing what and to whom you have sold stuff comes in useful sometimes.

There appear to be 2 versions of the BIOS since this was announced, so Lenovo are obviously working on this.

Ultimately this is like any other high priority patch, something even the best AV tools can’t protect you from if you don’t keep on top of this news.  So great to see it in cyber news rundown.

Userlevel 7
Badge +8

$80 million in cryptocurrency after exploiting the flash-loan protocols of the decentralized financial system Beanstalk. That’s a lot of other people’s money stolen.

Userlevel 4

I’m a Lenovo reseller and I’m disappointed that I didn’t learn about the vulnerability from them, but happy that I learned this from Webroot Cybernews!

Userlevel 7
Badge +62

One of the seven computers that I own is a Lenovo...Thank you Webroot for exposing these vulnerabilities. 
