New month, plenty of news to go through so let’s get to it.
- First story of the week is about Anonymous and their ongoing battle with the KKK. They have released private information on Pastebin that they claim belongs to members of the KKK. The list also includes 9 politicians, but the details have not been confirmed, and a number of reports claim that some of these people have no actual affiliation with the extremist group.
- Read More @ http://www.ibtimes.com/anonymous-begins-publishing-ku-klux-klan-member-details-online-2164710
- Next, an article by FireEye Labs on the XcodeGhost iOS malware. It looks like, despite a rapid response from Apple in an attempt to stop this threat, the malware is still active and has evolved with additional features, including an update that allows it to bypass iOS 9.
- Read More @ https://www.fireeye.com/blog/threat-research/2015/11/xcodeghost_s_a_new.html
- Google’s Project Zero has done a security assessment of the Samsung Galaxy S6 Edge and found around 11 bugs. Several of them were trivial to exploit and allowed the researchers to completely compromise the security of the device and gain access to private information stored on it.
- Read More @ https://threatpost.com/google-project-zero-turns-over-11-bugs-in-galaxy-s6-edge/115250/
- Next, an update to the Angler and Nuclear Exploit Kits integrated the Adobe Flash exploit from the “Pawn Storm” campaign, CVE-2015-7645, into their arsenals. This is not too surprising, as exploit kit authors are fairly quick to integrate new exploits as they are released.
- Read More @ http://blog.trendmicro.com/trendlabs-security-intelligence/angler-and-nuclear-exploit-kits-integrate-pawn-storm-flash-exploit/
- Next, it looks like another company is going to join Marriott on the list of companies fined by the FCC for WiFi-related shenanigans. “M.C. Dean”, the company that provides in-house WiFi for the Baltimore Convention Center, has been caught sending deauthentication frames in order to prevent clients from maintaining their connections. Naughty, naughty…
- Read More @ yro.slashdot.org/story/15/11/03/1312256/fcc-fines-another-large-firm-for-blocking-wifi?
- Next comes news of a new Cybersecurity Improvement Strategy for the U.S. government. After the Office of Personnel Management breach, the White House has been trying to quickly ramp up its cybersecurity defense strategy and has, as of this week, outlined a new plan that should help take them in the right direction. The “Cybersecurity Strategy Implementation Plan” focuses on 5 key areas that should, in theory, help avoid breaches like the one that hit “OPM”.
- Read More @ https://nakedsecurity.sophos.com/2015/11/03/us-cybersecurity-plan-wont-stop-the-government-getting-hacked-but-its-a-start/?
- Next, a technical analysis of the “Dyreza” banking trojan by Malwarebytes. I always like reading technical analysis posts like this, so I figured some of you might enjoy it as well. Good read.
- Read More @ https://blog.malwarebytes.org/intelligence/2015/11/a-technical-look-at-dyreza/
- Last story of the week: a new RAT has entered the market, and it’s an interesting one as it is able to target Android, Linux, Mac and Windows. The RAT, dubbed “OmniRAT”, also costs a fraction of the price of some of the other similar RATs like “DroidJack”. Supposedly this is the first RAT that is able to target all of these different platforms. I’d love to see a good analysis of this one at some point. Seems potentially interesting.
- Read More @ apple.slashdot.org/story/15/11/05/1750257/first-remote-access-trojan-that-can-target-android-linux-mac-and-windows?