A Week in Security (May 31 – Jun 06)

Last week, we dished out a couple of pieces of good news about Malwarebytes and the blog: first, we announced that we’re partnering up with LabTech Software, a company known for providing IT management tools; second, Malwarebytes Unpacked received the prestigious award for Best Corporate Security Blog at the 20th InfoSecurity Europe Conference, which was held in London. Thank you, dear Reader, for voting for us! It wouldn’t have happened without you.

Moving swiftly on: our experts offered insights on several reports that appeared on our social streams, including one about a school teacher using jammers to disrupt mobile devices used by inattentive students. Another was about Trolling-as-a-Service (TaaS), triggered by an experience of a New York Times reporter in St. Petersburg, Russia.

We also looked into several interesting (if not peculiar) in-the-wild threats: a UPS spam mail that leads to a “cheap source of electricity” (Thanks, Nikola!) and a potentially unwanted program (PUP), which we detect as PUP.Optional.UnfreindAlert.A (yes, that’s not a typo), pretending to be a program that lets one monitor who ‘unfriended’ them on Facebook.

Notable news stories and security-related happenings:

  • 56 MEEELLION Credentials Exposed by Apps Say Infosec Boffins. “Researchers from the University of Darmstadt say app developers have exposed 56 million credentials by borking login processes using services from Google, Amazon, and Facebook. The research team tested 750,000 Android and iOS applications, examining the way they used the federated identity services to make authentication smooth across different devices.” (Source: The Register)
  • Skype-Dwelling Botnet Serves Up Adware. “While botnets in the past had to run on systems that attackers owned or had compromised, they can now run on Skype and other cloud-based chat programs, providing an even lower-cost alternative for attackers. And that’s exactly what has happened in a widespread Skype solicitation phishing campaign.” (Source: InfoSecurity Magazine)
  • Facebook Just Made a Provocative Move that will Infuriate Law Enforcement. “Facebook has announced it is letting users add encryption keys to their profiles and opt in to have notification emails sent in an encrypted format. The news comes as tensions rise between the US government and the tech community over the use of strong encryption.” (Source: Business Insider)
  • Ransomware Creator Apologizes for ‘Sleeper’ Attack, Releases Decryption Keys. “Criminal with a soft spot relents on successful Locker ransomware campaign and offers free decryption for victims. Refunds don’t appear to be coming, however.” (Source: Network World)
  • Lessons from Japan Pension System Hack. “Hackers have hit Japan’s pension system, getting away with over 1.25 million files of personally identifying information. An external e-mail virus was used to breach Japan Pension Service staff computers, according to system’s president Toichiro Mizushima, who apologized for the leak.” (Source: Top Tech News)
  • Self-Driving Cars Vulnerable to Cyber-Attack, Warn Experts. “Expected on the road by 2020 or even sooner, driverless cars should have a wide range of cutting-edge technologies such as electronic sensors — a group of cameras, radar, sonar and LiDAR (light detection and ranging) — commanded remotely using software that senses road widths, identifies signs and even roadblocks. But like connected vehicles and their onboard multimedia systems, these new self-driving technology elements — which were meant to make the cars safe and reliable, could end up leaving them vulnerable to hacker strikes, according to US security firms Mission Secure Inc (MSi) and Perrone Robotics Inc.” (Source: NDTV Gadgets)
  • Test Shows 97% Fooled in Phishing Test; Terrorists Now Using Popular Criminal Hacking Trick. “Plenty of folks think they could never be outsmarted by a hacker; plenty of them are wrong. In fact, perhaps 97% are wrong. Two new studies make this point, and show the devastating consequences of being wrong. Security firm McAfee has created a tool that lets consumers test their ability to distinguish between real emails and fake “phishing” emails designed to steal their personal information. So far, consumers have failed the test — miserably.” (Source: Bob Sullivan dot Net)
  • Do Departed Employees Haunt Your Networks? “According to a study by Intermedia, 89 percent of adults retained access to at least one application from a former employer, and 49 percent actually logged into an account they weren’t supposed to still have access to. Even more worrying, 45 percent retained access to confidential data.” (Source: CSO Online)
  • Wireless Network is the Weakest Security Link in Enterprise IT Infrastructure: Fortinet. “The study also showed IT decision makers found wireless networks to be the most vulnerable element of the IT infrastructure – with 49 per cent of respondents ranking wireless networks as most exposed from a security standpoint, in contrast to just 29 per cent for the core network.” (Source: ARN)
  • Attackers Targeting Medical Devices to Bypass Hospital Security. “A preview copy of a report from TrapX Labs, which will be released later this month, highlights three successful attacks against healthcare organizations. The incidents prove that defending assets in a healthcare environment isn’t as easy as some would have you think. In fact, given the wide range of devices on a given network, it can be nearly impossible.” (Source: CSO Online)

Safe surfing, everyone!

The Malwarebytes Labs Team