A week in security (April 02 – April 08)

A week in security (January 15 – January 21)

Last week on Labs, we gave you some background information about cookies, specifically which ones to worry about and why. We also warned you about scams surrounding the Mega Millions winner, who promised to donate his money to good causes.

We analyzed a cryptocurrency miner using a very old technique called Heaven’s Gate to make injections into 64-bit processes from 32-bit loaders. On top of that, we pointed out that there are Chrome and Firefox extensions using “forced installs” that hide from users and hijack browsers. And last but not least, we enticed you to think about some practical New Year’s resolutions related to cybersecurity and privacy.

Other news

  • Google acknowledged a known issue where a bug in the Cast software may incorrectly send a large amount of network traffic, which can slow down or temporarily impact Wi-Fi networks. (Source: Google Support)
  • Soon after, Google announced an update Android phones so an interaction with Chromecast video-streaming devices and Google Home smart speakers won’t whack your Wi-Fi. (Source: CNet)
  • A version of the Satori malware exploits one or more weaknesses in the Claymore Miner,  replacing the owner’s wallet address with an address controlled by the attacker. (Source: ArsTechnica)
  • BlackWallet, another site in the booming cryptocurrency wallet sector, lost their users’ cryptocurrency after what looks like a DNS hijacking attack. (Source: Naked Security)
  • Dark Caracal, a surveillance toolkit-for-hire, has been used to suck huge amounts of data from Androids and Windows desktop PCs around the world. (Source: The Register)
  • A British 15-year-old gained access to intelligence operations in Afghanistan and Iran by pretending to be the head of the CIA. (Source: The Telegraph UK)
  • OnePlus announced that up to 40,000 customers were affected by the security breach that caused the company to shut down credit card payments for its online store earlier this week. (Source: The Verge)]
  • The SamSam ransomware group seems to have gotten off to a “great” start in 2018, hitting several high-profile targets such as hospitals, a city council, and an ICS firm. (Source: Bleeping Computer)
  • GhostTeam adware can steal Facebook accounts and surreptitiously push ads. It was found on 53 apps on Google Play. (Source: Trendlabs)
  • A confusing drop-down menu was the cause of the false missile warning that scared Hawaii. (Source: The Washington Post)
  • Researchers have identified a powerful new Android malware strain called Skygofree capable of eavesdropping on WhatsApp messages and much more. (Source: Threatpost)
  • Lack of authentication was the culprit behind leaks of customer details in an adult VR application called SinVR. (Source: Digital Interruption)

Stay safe, everyone!