A Week in Security (Oct 25 – Oct 31)

Last week, we touched on what advertising brokers are, free wine, the art of wiping data from your mobile devices, and why it’s a bad idea to leave your laptop in your hotel room. We also pushed out an infographic on Patch Tuesday to give you, dear Reader, a basic overview of what it is and some interesting statistics.

Senior Security Researcher Jérôme Segura reported that the latest 0-day exploit for Adobe Flash had been added to exploit kits, specifically Angler and Nuclear, at the time of writing.

Malware Intelligence Analyst Jovi Umawing warned readers about an imitation Putlocker site that redirects users to potentially unwanted programs (PUPs). In this case, the PUP can be downloaded from a page that displays a notice telling users to update their Java.

Notable news stories and security-related happenings:

  • Using DroidJack to Spy on an Android? Expect a Visit from the Police. “According to reports, action was taken in the United Kingdom, France, Germany, Belgium and Switzerland, targeting people who had bought DroidJack and used it since 2014. According to a BBC News report, searches were also conducted in the United States.” (Source: ESET’s We Live Security Blog)
  • How CISA Encourages Both Cybersecurity Information Sharing and Warrantless Surveillance. “Sharing cybersecurity data involving threats, probes, breaches, and information on attackers between companies and government agencies is a great idea. However, although shared data will strengthen the cybersecurity defenses, the Computer and Communications Industry Association (CCIA), backed by Amazon, Facebook, and Google, among others, and the Business Software Alliance (BSA), which is backed by Apple, Microsoft, and Oracle, are both against it.” (Source: Network World)
  • UK Surveillance Bill to Give Police Access to Web History. “The proposed bill will allow the police to seize details of the websites and access specific web addresses visited by anyone under investigation, but judicial approval will be required to access the content of the websites.” (Source: Computer Weekly)
  • The FBI Isn’t Wrong; Sometimes You Will Have to Pay the Ransom. “While the FBI would love to wave a magic wand and reverse a CryptoWall infection, the reality is that Ransomware isn’t something that can be easily defeated once it’s infected a system. Another point he stressed, was that most criminals running CryptoWall attacks are good to their word and release the files once paid.” (Source: CSO Online)
  • Employee Attitudes Fuel Your Data Security Plan. “We are all overwhelmed by security threats and proactively taking action can be daunting. At home, your employees might not see the need to install anti-virus software, use encryption, or set-up a secure Wi-Fi network. At work, these same employees assume the information technology department will just fix it.” (Source: Legal Tech News)
  • Tor Project Releases Tor Messenger, Anonymous Instant Messaging Client. “The Tor team has been working on this product for quite some time now, with three alpha versions distributed for internal testing via the project’s mailing lists. Today marks the first beta version for Tor Messenger.” (Source: Softpedia)
  • Forget Self-Destructing Messages, Buzz’s New App Offers Self-Destructing Connections. “Often, dating site users will ask for your digits in order to continue your conversations outside the dating platform itself. But not everyone is ready to hand over their real phone number, which is why apps like Burner or Kik have come in handy.” (Source: TechCrunch)
  • Is Anti-Virus Dead? ESET’s Latest Ransomware and Bank Trojan Figures Suggest Otherwise. “It seems like a hundred other US startups are happy to declare anti-virus dead too although what they replace it with sounds to cynics like a speculative attempt to reinvent the same thing in new clothes.” (Source: Tech World)
  • Nonprofits Face Costly Cyberthreats. “Nonprofits have tended to lag behind other organizations in terms of security tool adoption because of limited funding and, often, a generally trusting, open-minded culture. Often they do not monitor and restrict what employees and volunteers do. Unfortunately, this exposes nonprofits to many more threats and can ultimately result in major data breaches that compromise sensitive information and lead to financial loss and embarrassment. Threats continue to intensify, so nonprofits should assess their existing security systems and identify instances where they might consider replacing those resources or adding new tools.” (Source: BizTech Magazine)
  • Sniffly Websites Could Snaffle Browsing Data. “A proof of concept for an interesting new intelligence gathering technique has surfaced recently. Researcher Yan Zhu presented the procedure known as Sniffly*, at ToorCon 2015. In theory, the Sniffly attack (for want of a better word) could allow the owner of a website to gain some insight into other sites that the browser has visited.” (Source: Team Cymru Blog)
  • The Top Threat Vector For Mobile Devices? P[o]rn. “As mobile devices become more deeply woven into the fabric of our personal and work lives, cyber criminals are taking increasingly vicious and disturbingly personal shots at us, according to Blue Coat Systems. Mobile ransomware attacks lead the way as a top malware type in 2015, along with the stealthy insertion of spyware on devices that allows attackers to profile behavior and online habits.” (Source: Help Net Security)
  • US Says It’s OK to Hack Cars and Medical Devices (Sometimes). “The exemptions allow for “good-faith security research” to be performed on computer programs that run on lawfully acquired cars, tractors and other motorized land vehicles; medical devices designed to be implanted in patients and their accompanying personal monitoring systems and other devices that are designed to be used by consumers, including voting machines.” (Source: CSO Online)
  • Hackers Target Video Gamers with Sophisticated Phishing Scam. “Scammers have been found to be sending emails to the gamers portraying themselves as the officials from the gaming companies claiming that they will take legal action against those involved in selling game characters and credits for real time money. By tricking the gamers into believing their emails, the cyber criminals actually ask for money or personal and financial information of those gamers.” (Source: HackRead)
  • Dridex Malware Creators Deceive Victims with Fake IKEA Receipt. “The malicious actors behind the Dridex malware strain seem to be going out of their way to prove authorities that their takedown attempts were futile. In a new spam campaign launched this morning, cyber criminals use IKEA as bait, abusing the company’s brand reputation to deceive victims.” (Source: Heimdal Security Blog)
  • Unpatched PCs Attract Hackers in Their Droves – with Apple in Front. “According to Secunia, the problem with end-of-life applications from a security perspective is that the vendors of those applications no longer publish security updates to patch vulnerabilities as they are discovered in the product and, consequently, any vulnerability in an end-of-life application is an open door into any PC on which the application is installed.” (Source: IT Wire)
  • Are Banks Failing to Keep Customers Safe Online? “A shockingly high number of online banking customers may be at risk of having their details stolen due to the provider failing to ensure connections remain secure, according to new figures. A study by security firm Kaspersky Lab found that a third (33 percent) of financial services providers don’t offer customers a secure channel for all their online payments.” (Source: TechWeek Europe)
  • Privacy Might be a ‘Zombie,’ but It’s Not Dead Yet, Says Intel Privacy Chief. “Regardless of the market or space, it’s clear that privacy and security must be a concern for any organization operating in today’s tech-heavy environment, according to a panel of experts who spoke here last week at the Privacy + Security Forum. However, though the conversation has been ongoing for years, there is no one-size-fits-all model for organizations.” (Source: Fierce IT Security)
  • WhatsApp Collects Phone Numbers, Call Duration, and More! “A recent network forensic examination of popular messaging service WhatsApp is offering new details on the data that can be collected from the app’s network from its new calling feature: such as phone numbers and phone call duration, and highlights areas for future research and study.” (Source: Help Net Security)
  • Underwater Internet Cables Could be the Next Target in Tech Warfare. “Now, the US government is concerned the Russian military could attempt to sabotage these cables in a time of conflict, according to the New York Times (paywall). The newspaper reported an uptick of activity by Russian submarines near several major cables.” (Source: Quartz)

Safe surfing, everyone!

The Malwarebytes Labs Team
