Last week, we explained how security certificates work and how malware authors have used them to block security software from being downloaded and executed. We also showed how the Magnitude exploit kit is spreading a Cerber ransomware variant that uses binary padding in an attempt to get skipped, because of its file size, during antivirus scans.
Latest updates for Businesses
- Password rules have been way too complicated, says the man who invented those rules and regrets it. These rules have now been updated.
- Locky made another comeback (maybe we should call it Rocky), this time using the diablo6 extension.
- And another ransomware that came back is the disk-encrypting Mamba.
- Microsoft and Kaspersky seem to get closer to burying the hatchet concerning the claim by the Russian anti-virus company that the US software giant was unfairly promoting the use of Windows Defender over third-party security products.
- Salesforce fired two of its senior security engineers after their talk at DEF CON. Or rather, it told them up front that they would be fired if they went ahead with the talk, which they did, as they didn’t see that text message in time.
Latest updates for Consumers
- A document was leaked that discloses CouchPotato, a remote tool the CIA uses to stealthily collect RTSP/H.264 video streams.
- After the leak of some Game of Thrones episodes by HBO hackers earlier in the week, there was a bigger data dump this weekend, including episodes of Insecure, Ballers, Barry, The Deuce, a comedy special and other programming.
- Google brings phishing protection to iOS. A few months after releasing the anti-phishing feature for Android, Google now does the same for iOS. Google: “Going forward, when you click on a suspicious link in a Gmail message on your iPhone or iPad, we’ll show a warning. We recommend that you use caution before proceeding, because the link is likely unsafe. Only proceed if you’re confident there’s no risk.”
In other security news:
- Ukraine announced that it had arrested a man responsible for NotPetya, but if you read the announcement closely, the man turns out to be a bookkeeper who explained how to infect business machines on demand, so that the companies with the infected machines could claim to be excused from doing their taxes before the closing date. He is not the person or organization behind the original attack.
- Biological malware could become the next big threat. According to recent scientific research at the University of Washington, human DNA can be used to take advantage of computer systems. Right now, DNA is not a security risk. Their test was only successful because the researchers were able to create a perfect scenario to improve their chance of success.
- US court system bug opened hole for hackers to scoop up legal docs for free on victims’ dime. A cross-site request forgery vulnerability in the American court system’s document archive PACER has been fixed. The bug could have been exploited to hijack accounts and retrieve civil and criminal lawsuit files on victims’ dime.
Safe surfing, everyone!
The Malwarebytes Labs Team