Sunday, March 27, 2016

Issue 57 - Week of Mar 21st


1. Think twice before using USB drives: Security researchers have discovered a new data-stealing Trojan called USB Thief that can attack air-gapped or non-internet computers without leaving any trace of activity on the compromised systems. The malware resides as a plug-in/DLL and executes from the USB drive itself; it is bound to that USB drive, making it hard to replicate or reverse engineer. To stay safe: never use USB storage devices from untrustworthy sources, turn off Auto-run, and regularly back up your data.

2. Anti-hacker unit of Verizon hacked: Records for more than 1.5 million customers of the computer security wing of Verizon appeared for sale early last week. This division aids large corporations when they've been the victims of a hack; ironically, the division itself has now been breached. The entire database was offered for $100k on a cybercrime forum, or in increments of 100,000 records for $10k apiece. The company has since fixed the security vulnerability and confirmed that the attacker obtained only basic contact information and that no customer proprietary network information (CPNI) was accessed.

3. Uber launches Bug-bounty program: The new bug bounty program is designed for white hat hackers to identify flaws in Uber's codebase; critical bugs could yield up to $10,000 in rewards, the company said. Uber's first reward program will run for 90 days, starting on May 1st. Uber says it will share publicly the "highest-quality" vulnerability discoveries if the winners who found them agree to the disclosure.

4. Cybersecurity expert assisting with Bangladesh bank heist probe goes missing: A cybersecurity expert was reportedly abducted last week, according to his family, after commenting on an attempted cyber-attack to steal $1 billion from Bangladesh's central bank. Before disappearing, he met the special police force appointed by the central bank. He also addressed the media, where he talked about the three user IDs used for the heist. Police are yet to comment on his disappearance. Meanwhile, the police are seeking both technical and human assistance from the FBI and have confirmed that criminals from multiple countries were involved. The $100 million that was stolen has been traced to Sri Lanka and the Philippines.

5. Apple vs. FBI: Last week, the court suspended the proceedings in this case, at least until next month, after the FBI told the federal judge that it needs some time to test a possible method for unlocking the shooter's iPhone, for which it has hired an "outside party". Some reports have pointed to a forensic firm assisting the Justice Dept. in opening the iPhone.

6. Stop 'rewarding' victims of online fraud with refunds: A top cop has said that banks should stop automatically reimbursing victims of online financial fraud, since it rewards their bad security habits. He believes consumers would learn to take computer security more seriously if full refunds were stopped. He suggests banks could refund only a portion of funds lost in online fraud if the victim is running outdated software. Malware takes advantage of unpatched flaws in browsers and plugins, such as Adobe Flash, Java, etc. Experts advise keeping all software updated and running anti-malware software.

7. Phishing attacks continue to target W-2 data: Playing on fear and basic human nature in order to succeed, scammers continue to impersonate CEOs, CFOs and other senior people to seek W-2 (Form 16) data from mid- and lower-rung employees. Attackers play on the trust relationships that exist within the company and exploit the fact that most employees often cannot say 'No' to bosses. In the first three months of 2016, 41 large and small organizations have reported such data loss; these include names like Snapchat, Seagate, Polycom, Netcracker Technology...

8. Iranians charged with cyber-attacks on US banks, New York dam: The Justice Dept. has charged seven Iranian nationals with computer hacking offences against US banks and a dam in New York. They are said to have carried out numerous distributed denial-of-service (DDoS) attacks, disabling bank websites and preventing customers from gaining access to their online accounts. One of the attackers gained unauthorized access to the Bowman dam's industrial automation control (SCADA) system, through which he could have remotely operated and manipulated the dam's sluice gate. The attackers face up to 10 years in prison. Iran has brushed aside the charges.

9. Malvertising campaign strikes top websites worldwide: Hackers continue to have a free run with malvertising. Popular websites, including The New York Times, BBC, AOL, MSN, Lenovo and many others across the world, fell prey to a malicious advertising campaign that sent unwitting visitors to the Angler exploit kit, which serves TeslaCrypt ransomware. Hackers identify sites with high traffic and leverage third-party ad networks to slip in fraudulent and fake adverts. A mere visit to such sites installs Angler on victims' machines; it is not necessary to click those ads.

10. Badlock - another branded bug trying to make money?: Samba is a re-implementation of the SMB/CIFS networking protocol; it facilitates file and printer sharing among Linux and Windows systems as an alternative to NFS. Stefan Metzmacher is a contributor to the development of Samba; last week he announced a bug in Samba on a newly created website and indicated it will be patched on April 12th, coinciding with the next Patch Tuesday. InfoSec professionals across the world panned this move, as it gives a heads-up to criminals who can exploit this bug.
