Another news week is here, and it’s a bit slow but still got some good stuff for your reading pleasure. So off we go!
- First story of the day is of a new targeted campaign that’s levering the popular messaging app LINE in the attack. Or rather, a phishing campaign claiming to contain the LINE installer when it’s actually a backdoor. Campaign looks to be targeting the Taiwanese government.
- Read More @ http://blog.trendmicro.com/trendlabs-security-intelligence/messaging-application-line-used-as-a-decoy-for-targeted-attack/
- Next, a story on the privacy front. It looks like the French parliament has approved what’s been called the “French Patriot Act” in some circles, that grants similar surveillance powers to government agencies. This was to some degree expected after the Charlie Hebdo attack, but you would have hoped that they would have learned from the spectacular failure that the “Patriot Act” was here. Sad news for privacy advocates.
- Read More @ http://www.bbc.com/news/world-europe-32587377
- Next, a story by Krebs about an online marketplace that facilitates sales of stolen account credentials from various services like Netflix, DirecTV, XBL, PSN, etc. and allows payments through PayPal. That’s fairly unusual as most of these places usually only deal with BitCoin.
- Read More @ http://krebsonsecurity.com/2015/05/payivy-sells-your-online-accounts-via-paypal/
- Microsoft is suing a specific Verizon IP that is responsible for activating pirated Windows products. There are additional details on the suit after the link.
- Read More @ http://www.afterdawn.com/news/article.cfm/2015/05/05/microsoft-sues-ip-address-that-allegedly-activated-hundreds-of-pirated-windows-products
- Next, some good news on the privacy front. The U.S court has ruled that the NSA phone surveillance program is considered illegal. This is good news for privacy advocates, and hopefully leads to some positive changes in that regard when it comes to government surveillance. Now if only we could make sure the “Patriot Act” is not renewed.
- Read More @ http://thehackernews.com/2015/05/nsa-phone-surveillance.html
- Next, an article from CISCO looks at a new piece of malware with some very interesting anti-analysis techniques. The “Rombertik” malware basically turns into a wiper malware if it detects it’s being analyzed, causing destruction to the system. While Wiper malware is not knew, using destructive techniques to counter analysis is fairly uncommon. Very good read.
- Read More @ http://blogs.cisco.com/security/talos/rombertik
- Microsoft has announced that Patch Tuesday will be a thing of the past starting with Windows 10. Instead of deploying batch of patches once a month Microsoft plans to make patches available as they are ready, instead of saving them up. This is good news, as it minimizes the time machines will remain vulnerable, due to the wait for Patch Tuesday.
- Read More @ http://www.darkreading.com/vulnerabilities—threats/beginning-of-the-end-for-patch-tuesday/d/d-id/1320331?_mc=sm_dr&hootPostID=2fe014bcc76231b3ea8c74d4ac34e9de