Welcome to another news recap, good stuff as usual…so let’s get going.
- First, a grim story unfortunately: Tanvir Hassan Zoha, the researcher who was investigating the Bangladesh Bank heist, has disappeared. He had made some comments about the bank’s leadership and the lack of proper security procedures that led to the heist. The belief is that these comments were the reason for his disappearance.
- Read More @ http://thehackernews.com/2016/03/bank-hacking.html
- So, it looks like the FBI vs Apple saga has come to a rather anticlimactic end as the FBI has filed a motion to “vacate” the hearing. Essentially, they are saying they found a way to get into the phone without Apple’s help.
- Read More @ https://threatpost.com/fbi-drops-its-case-against-apple/116918/
- Continuing on from the above story, the firm supposedly helping the FBI unlock the iPhone in question is an Israeli mobile forensics firm, “Cellebrite”. The link below has a video showing the process they advertise for unlocking iPhones.
- Read More @ http://thehackernews.com/2016/03/unlock-terrorist-iPhone.html
- So, next, another story on the much-heated encryption debate that followed the Paris attack. The argument was that the terrorists utilized encryption for communication. Well, it turns out that was not the case and that they actually used burner phones. So maybe now we can stop using that in the anti-encryption arguments…one can hope.
- Read More @ https://yro.slashdot.org/story/16/03/21/2020223/paris-terrorists-used-burner-phones-not-encryption-to-evade-detection
- Next, ransomware continues to be an issue, and again this week there is a story about the Locky ransomware as it continues to make a name for itself. This time around it seems Locky has caused a Kentucky hospital to declare a state of emergency due to the malware infection. However, the hospital has said they did not pay the ransom, and that their systems are back up and running. The infection vector seems to have been a malicious email that a hospital employee clicked on, which infected his machine, and it spread from there. Make sure those backups are in place, folks.
- Read More @ https://threatpost.com/locky-ransomware-causes-internal-state-of-emergency-at-kentucky-hospital/116949/
- Next, it wouldn’t be a news recap without another breach. Verizon Enterprise Solutions, the part of Verizon that actually deals with providing forensics services when breaches occur, has itself been breached, with customer data stolen and put up for sale on an underground forum, according to KrebsOnSecurity. Data on 1.5 million customers was taken and is being sold for $100,000. Not great when a company providing security services gets breached.
- Read More @ http://krebsonsecurity.com/2016/03/crooks-steal-sell-verizon-enterprise-customer-data/
- Next, the U.S. has indicted 7 Iranians accused of hacking as many as 47 U.S. financial institutions between 2011 and 2013. They were also accused of conducting DDoS attacks, causing damages to the affected businesses. Not sure how much this will do, given that Iran is not likely to care or extradite them, but hey, it shows at least intent to pursue.
- Read More @ http://www.npr.org/sections/thetwo-way/2016/03/24/471731469/u-s-indicts-7-iranians-accused-of-hacking-u-s-financial-institutions
- In a related story, 2 members of the Syrian Electronic Army have also been added to the FBI’s list of most wanted cybercriminals. “The Pro” and “The Shadow” have been responsible for a number of spear phishing attacks that the SEA group has conducted in the past and are now on the FBI’s radar.
- Read More @ https://nakedsecurity.sophos.com/2016/03/24/fbi-adds-two-syrian-electronic-army-hackers-to-cyber-most-wanted-list/
- Next, some good news for anyone using Office. Microsoft is deploying a new macro blocking feature for the Office suite, which should hopefully help contain the number of malware infections that utilize malicious macros to infect the unsuspecting user’s machine. There has been a rise in these types of attacks in recent years, so this is a good move from Microsoft.
- Read More @ https://threatpost.com/microsoft-deploys-macro-blocking-feature-in-office-to-curb-malware/116960/
- Next, Apple seems to have some concerns that some of the technology they are using for their cloud services, mainly servers and cloud services, might be compromised to allow for government spying. Apple is unable to maintain the infrastructure necessary to manage all of the data its cloud services demand and has as a result bought and used services from 3rd party providers, but they are not confident that those services are not compromised to allow government access to their data. It’s certainly possible, and not everyone takes a hard-line stance against the FBI as they did. Wouldn’t rule anything out.
- Read More @ https://apple.slashdot.org/story/16/03/23/2312208/apple-worries-that-spy-technology-has-been-secretly-added-to-the-computer-servers-it-buys
- Lastly, MITRE, the firm responsible for tracking and reporting CVEs (Common Vulnerabilities and Exposures), is trying out a new system that is supposed to be easier to use than their previous one, which has been labeled “manual and slow” by some. This new system will exist in line with the old one and will not be replacing it, though.
- Read More @ http://www.scmagazine.com/mitre-piloting-improved-cve-vulnerability-reporting-tracking-system/article/484210/