Monday, April 25, 2016

Issue 61 - Week of April 18th


1. Singapore penalizes firms for data breaches: Several organizations in Singapore have been fined and issued warnings for breaching the country's Personal Data Protection Act (PDPA), including local IT retail chain Challenger Technologies and Chinese handset maker Xiaomi. The Act does not apply to the public sector or government. K Box Entertainment suffered a breach in 2014 but has to date failed to put in place adequate data protection policies and security safeguards; it was fined S$50,000. The Institution of Engineers in Singapore and Fei Fah Medical Manufacturing were fined S$10,000 and S$5,000, respectively, for their failure to implement sufficient security measures to safeguard the data of their members and customers.

2. Creepy new ransomware uses image from popular horror film: Another ransomware program has entered circulation, known as BitcoinBlackmailer.exe or JIGSAW. This malicious program starts encrypting your files while adding, with no irony, the '.FUN' file extension. It also threatens to start deleting files if the ransom is not paid within an allotted time, complete with a countdown timer. To add to the distress of the victim, the ransomware displays the face of the character Billy the Puppet from the horror movie series Saw (see image below). Forcepoint Security Labs was able to reverse engineer the malware and retrieve the encryption key. This malware can be detected and blocked by web security solutions like Forcepoint using the ACE technology.

3. Samsam server-side ransomware targets schools, hospitals: A new ransomware program called Samsam uses vulnerabilities in the JBoss application server to infect networks, with attackers focusing on health care organizations and schools. Samsam and another recent ransomware program known as Maktub do not require a connection to a command-and-control server to encrypt data on a targeted system.

4. Security expert builds ransomware blocker for Mac: An expert has built a utility that scans for untrusted processes that are encrypting personal files, and stops them dead. The utility is called "RansomWhere?". False positives are kept to a minimum because "RansomWhere?" explicitly trusts binaries signed by Apple. It also trusts applications that are already present on the system when it is installed. This is a double-edged feature: on the one hand it helps reduce false positives, but on the other hand, if ransomware is already present on the system before RansomWhere? is installed, it may not be detected.

5. Python-Based Malware Infects European Companies: IT security researchers have discovered an unusual family of malicious code written entirely in the Python programming language, making it easy to port to different operating systems. The malware uses a modular design that allows it to carry out a selection of different attacks, including executing files, logging keystrokes, mining bitcoins, executing arbitrary Python code and communicating with a remote server. The malware has targeted a number of European organizations, particularly in Poland; the targets include a national research institution, a shipping company, a large retailer and an IT organization, as well as a construction company in Denmark and an optical equipment provider in France.

6. Manufacturers suffer increase in cyber-attacks: The manufacturing sector is now one of the most frequently hacked industries, second only to healthcare; financial services has dropped to third place. Many manufacturing companies are behind the curve in security because they have not been held to compliance standards as financial services has. Manufacturers also appear to be vulnerable to older attacks, such as Heartbleed, Shellshock and SQL injection. Industrial control systems also pose a challenge to manufacturers, as most of them use decade-old operating systems. Recommended defensive strategies are: an annual IT risk assessment, annual penetration tests, and ongoing vulnerability scanning.

7. Apple vs. FBI: In the New York drug dealer iPhone case, the Justice Department found a way into the locked phone and hence dropped its demand for Apple's help. In this case no hack was needed: someone provided the passcode to unlock the device, according to the prosecutor. In the other case, the FBI director hinted that the agency spent more than $1.3M to hack into the terrorist's iPhone.

8. Hackers can spy on your calls and track location, using just your phone number: The famous "60 Minutes" television show shocked some viewers Sunday evening when a team of German hackers demonstrated how they spied on an iPhone used by a U.S. Congressman, then recorded his phone calls and tracked his movement through Los Angeles. The hackers leveraged a security flaw in the SS7 (Signalling System Seven) protocol that allows attackers to track phone locations and listen in on calls and text messages. The weakness affects all phones, whether iOS, Android, or anything else, and is a major security issue. The network operators are unwilling or unable to patch the hole, and there is little smartphone users can do.

9. Long arm of law catches up: Two international hackers have been sentenced to 24 years and 6 months in prison for their roles in developing and distributing the SpyEye banking Trojan, a powerful botnet similar to the infamous ZeuS malware. Both hackers were charged with stealing hundreds of millions of dollars from banking institutions worldwide. In a different case, a former Reuters journalist, who was convicted last year of helping the Anonymous group of hackers, has been sentenced to 24 months in prison on computer hacking charges. He was found guilty of giving login credentials to Anonymous, which the group used to deface the Los Angeles Times.

10. Don't fool around with politicians, especially Lalu: An Indian engineering student, who was arrested last week for hacking into and posting objectionable content on Lalu Prasad's Facebook page, was expelled from his college. He is a third-year student at a local engineering college in Bihar. The cyber cell arrested the student and seized two mobile phones and a SIM card which he allegedly used.


Billy the Puppet from the horror movie series Saw:
