2014/11/29

Cool News Story Bro! Week of 11-28-2014

by Otakun
Categories: News

Hey guys,

I hope all of you are having a fantastic holiday so far. All of us at MalWerewolf wish you a Happy Thanksgiving. With that in mind, the news doesn’t take a holiday so let’s get on with this week’s!

  1.  A Nightmare on Malware Street: CoinVault ransomware in the wild

    1. Our first story of the week takes a look at a new ransomware family called “CoinVault”. While ransomware is nothing new, this one does take some extra steps to make analysis more difficult and employs a number of anti-VM and obfuscation techniques. Great analysis.
    2. Read More @ https://securelist.com/blog/virus-watch/67699/a-nightmare-on-malware-street/
  2. Home Depot facing 44 lawsuits over data breach as clean-up cost reaches $43m

    1. Next, some more news surrounding the Home Depot breach story. Not looking good for them on the legal front as there are as many as 44 lawsuits over the breach. If that wasn’t bad enough, the breach so far has cost them $43 million in clean-up costs. Wonder how much cheaper it would have been to just fix the security issue that led to this in the first place, but hey, reactive security still rules it seems.
    2. Read More @ https://nakedsecurity.sophos.com/2014/11/26/home-depot-facing-44-lawsuits-over-data-breach-as-clean-up-cost-reaches-43m
  3. Sony Pictures breached – or was it?

    1. The next story, courtesy of Naked Security, looks at the claims of a breach of Sony Pictures Entertainment by a group known as “GOP” (Guardians of Peace). They claim to have compromised the SPE network and taken a large amount of data. However, details are scarce and Sony has not confirmed the breach. We will keep an eye out for any updates to this story as it develops.
    2. Read More @ https://nakedsecurity.sophos.com/2014/11/26/sony-pictures-breached-or-was-it/
  4. FBI Agents Pose as Repairmen to Bypass Warrant Process

    1. Next, a fairly creepy story for any privacy advocates. It looks like an incident occurred where FBI agents interrupted a hotel guest’s internet access in order to come and “fix” it, so they could enter his hotel room without a warrant.
    2. Read More @ https://www.schneier.com/blog/archives/2014/11/fbi_agents_pose.html
  5. Bitcoin Is Not Anonymous After All

    1. This is an interesting read for anyone with any interest in Bitcoin. It looks like a new study was released that shows that it is indeed possible to tie a Bitcoin user’s IP to their transactions, in real time. Considering the primary benefit of Bitcoin is anonymity, this is a fairly big deal.
    2. Read More @ yro.slashdot.org/story/14/11/26/2121214/bitcoin-is-not-anonymous-after-all
  6. Uber’s Android App Caught Reporting Data Back Without Permission

    1. Next, another privacy-related story. Looks like the Uber Android app was found to be sending a lot of data back to base, without user permission. The data it’s sending back is not harmless either: things like call logs, SMS/MMS logs, and installed apps. I sense a lawsuit.
    2. Read More @ yro.slashdot.org/story/14/11/27/1451203/ubers-android-app-caught-reporting-data-back-without-permission
  7. Exploit Kits Improve Evasion Techniques

    1. Time for the inevitable exploit kit-related post. It looks like the Nuclear and Angler EKs have improved their evasion techniques in the recent update, by looking for signs of VM and security software drivers on the system. Checks include a range of files associated with common virtual machine software, as well as common AV product artifacts.
    2. Read More @ blogs.mcafee.com/mcafee-labs/new-exploit-kits-improve-evasion-techniques
  8. Operation Double Tap

    1. Looks like APT3 (UPS Group) has jumped onto the bandwagon that is the recently patched Microsoft OLE vulnerability (CVE-2014-6332). They paired it up with CVE-2014-4113 for privilege escalation. This was inevitable, as we have already seen this exploited by commodity malware, so APT groups would follow suit as well.
    2. Read More @ https://www.fireeye.com/blog/threat-research/2014/11/operation_doubletap.html
  9. Regin: nation-state possibly behind the stealthy modular spying malware

    1. Next, a very interesting read on a new piece of espionage malware dubbed “Regin” by Symantec. This looks to be another nation-state-sponsored malware, due to its sophistication, so claims Symantec. Very interesting read. Been a while since we’ve seen some serious nation-state-sponsored malware.
    2. Read More @ http://www.scmagazine.com/spying-tool-is-being-called-groundbreaking/article/385076/
  10. New PoS Malware Hits E-kiosks and Ticket Vending Machines

    1. Next, a newcomer onto the Point-of-Sale malware scene that goes under the name of “d4re|dev1|” was discovered by researchers at IntelCrawler. It looks to support some advanced features compared to some other PoS malware, and allows for remote administration, keylogging and RAM scraping, as well as a number of other features.
    2. Read More @ http://www.securityweek.com/new-pos-malware-hits-e-kiosks-and-ticket-vending-machines
  11. Twitter to start snooping at which apps you have installed – here’s how to opt out

    1. So, it looks like Twitter is looking to improve their targeted ads by collecting a list of installed apps on your mobile devices and tablets and providing tailored recommendations based on the findings. So, for the privacy conscious, you might want to opt out, as this is opt-in by default. However, to their credit they are only collecting the list of apps, and not usage data, so it’s not as intrusive as it could be. However, if you hate the idea of unnecessary tracking, like I do, you can at least opt out of it.
    2. Read More @ https://nakedsecurity.sophos.com/2014/11/27/twitter-to-start-snooping-at-which-apps-you-have-installed-heres-how-to-opt-out/
– Otakun
