November 7, 2017
Saudi-Led Coalition Blames Iran For Missile and Warns it Could Be 'Considered as an Act of War' – Yemen, Iran and Saudi Arabia
The Saudi-led coalition fighting in Yemen closed off the land, sea and airports to the Arab world’s poorest country early Monday after a rebel-fired ballistic missile targeted Riyadh, blaming the launch on Iran and warning it could be “considered as an act of war.” The coalition’s statement ramps up tensions between the ultraconservative Sunni kingdom and its Shiite rival Iran, both of which have interests in Yemen’s yearslong conflict. The bloodshed continued Sunday as an Islamic State-claimed militant attack in Aden killed at least 17 people. In a statement, the coalition accused Iran of supplying Yemen’s Houthi rebels and their allies with the missile launched Saturday at the Saudi capital’s international airport. Iran has backed the rebels but denies arming them. The Houthi militants have said their Volcano-variant ballistic missile is locally produced. The Saudi-led coalition’s statement said the closures would be temporary and “take into account” the work of humanitarian and aid organizations. The war has claimed more than 10,000 lives and driven the Arab world’s poorest country to the brink of famine.
U.S.-Japan Arms Deals Will Help Counter North Korea Threat – Japan, North Korea and The United States
Donald Trump has said large Japanese orders for US-made military equipment will help it counter the threat from North Korean ballistic missiles, as he called the regime a “threat to the civilized world” on the second day of his tour of Asia. North Korea has test-launched two missiles over the Japanese island of Hokkaido in recent months and threatened to “sink” Japan into the sea. Trump, at a press conference in Tokyo with Japan’s Prime Minister, Shinzō Abe, said Japan should have shot down the missiles, and that buying missile defenses would boost both the US economy and Japanese security. “[Abe] will shoot missiles out of the sky when he completes the purchase of lots of equipment from the United States,” Trump said. “One very important thing is that Prime Minister Abe is going to be purchasing massive amounts of military equipment, as he should.
Savitech Audio Drivers Caught Installing Root Certificate – Global
Savitech drivers used by several companies that provide specialized audio products expose computers to hacker attacks by installing a new root certificate into the Trusted Root Certification Authorities store in Windows. The USB audio drivers from Savitech, a company that offers application-specific integrated circuits for audio and video solutions, are used by several vendors. The CERT Coordination Center lists products from Accuphase, AsusTek, Audio-Technica, Creek Audio, EMC, FiiO Electronics, HiFime, Intos, JDS Labs, McIntosh Laboratory, ShenZhen YuLong Audio, Stoner Acoustics, Sybasonic, and TeraDak Audio as possibly being affected. Savitech used the “SaviAudio” root certificate as part of its effort to support the outdated Windows XP operating system, but the certificate is no longer installed by the latest version of the drivers released by the company. According to RSA’s Kent Backman, the researcher who discovered the flaw, self-signed root certificates were silently installed by the packages provided by Savitech between 2013 and 2017. Installing such a certificate allows hackers who are in possession of the Savitech private key to impersonate online services, sign malicious software, and decrypt network traffic via man-in-the-middle (MitM) attacks. While this worst case scenario sounds serious, in reality, the risk of an attack is low as, hopefully, Savitech has taken steps to ensure that the private key cannot be obtained easily by malicious actors. CERT/CC noted that there is no evidence of the key being compromised. The vulnerability, tracked as CVE-2017-9758 and dubbed by RSA “Inaudible Subversion,” was introduced by Savitech in an attempt to seamlessly support Windows XP, which Microsoft abandoned several years ago. While users still running Windows XP are exposed to attacks due to much more serious vulnerabilities left unpatched in the operating system, the audio drivers install the root certificate on newer versions of Windows as well, despite not being needed.
FOR MORE INFORMATION:
To sign up for the complete daily G4S Corporate Risk Services Intelligence Bulletin, as well as regular intelligence and risk updates and news, click here to subscribe!