Cool News Story Bro! Week of 03-04-2016

by Otakun
Categories: News
Tags: No Tags
Comments: Leave a Comment

Hey Guys,

It’s that time of the week again, good stuff in the pipeline as usual….so let’s do it!

News Stories:

  1. Chinese ISPs Caught Injecting Ads and Malware into Web Pages

    1. First story of the week is another one that puts Chinese privacy practices into a negative light. This time major Chinese ISPs have been caught red handed injecting ads and malware into web pages, and going as far as redirecting user traffic in order to benefit ad companies and the ISP itself. Israeli researchers have detailed the practice in their research.
    2. Read More @ http://thehackernews.com/2016/02/china-hacker-malware.html
  2. ATMZombie: banking trojan in Israeli waters

    1. Next, a good write up as usual from Kaspersky on the “ATMZombie” banking Trojan targeting Israel. Really good read.
    2. Read More @ https://securelist.com/blog/research/73866/atmzombie-banking-trojan-in-israeli-waters/
  3. Card “Verification” Now Offered “As a Service” by Brazilian Cybercriminals

    1. Next, a look into the Brazillian Credit Card fraud activities. It looks like now that some crooks are offering a new card verification service, meant to validate stolen card numbers. Basically, the service does this by doing very small transactions in order to make sure the card numbers are legit. It then maintains a list to separate the good from the bad.
    2. Read More @ http://blog.trendmicro.com/trendlabs-security-intelligence/card-verification-now-offered-as-a-service-by-brazilian-cybercriminals/
  4. Snapchat snared by phishers impersonating CEO, employee data swiped

    1. So, it looks like SnapChat had a bit of a security snafu, as it fell pray to  a spear phishing attack that ended up resulting in loss of payroll data. A phisher impersonated the CEO and requested Payroll Information from the Payroll Department, and they ended up providing it, even though it was not actually the company CEO. Company has since apologized and said it would redouble their training in order to prevent this from occurring again.
    2. Read More @ https://nakedsecurity.sophos.com/2016/02/29/snapchat-snared-by-phishers-impersonating-ceo-employee-data-swiped/
  5. DROWN Attack — More than 11 Million OpenSSL HTTPS Websites at Risk

    1. Next, and arguably the biggest news this week is about yet another attack on SSL, called “DROWN” that takes advantage of weaknesses in SSLv2 to put millions of websites at risk. Granted SSLv2 has been known to be vulnerable for a long time, it is still supported by many sites for legacy reasons.
    2. Read More @ http://thehackernews.com/2016/03/drown-attack-openssl-vulnerability.html
  6. Credit Unions Feeling Pinch in Wendy’s Breach

    1. So it looks like Wendy’s has finally confirmed that the company was breached, in their preliminary 2015 annual report.While they are saying that they don’t know the extent of the breach they did confirm that a breach did occur and Card data was compromised. Initial news of a potential breach surfaced in January, but has not been officially confirmed until now. In a correspondence with Krebs on Security, Credit Union representatives have stated that a number of fraudulent transactions have occurred and that the cards were used at Wendy’s.
    2. Read More @ http://krebsonsecurity.com/2016/03/credit-unions-feeling-pinch-in-wendys-breach/
  7. U.S. Announces ‘Hack The Pentagon’ Bug Bounty Program

    1. Next comes the news of a new bug bounty program, and this time it’s by the federal government called “Hack The Pentagon”. Program is only for “vetted” hackers and it begins in April. Good news I suppose.
    2. Read More @ http://www.npr.org/sections/thetwo-way/2016/03/02/468887190/u-s-announces-hack-the-pentagon-bug-bounty-program
  8. DDoS attacks are soaring, says new report

    1. In a report by Akamai, it looks like DDoS attacks are rising, but their profile is changing. It’s not exactly surprising, though good to see some proof.
    2. Read More @ https://nakedsecurity.sophos.com/2016/03/02/ddos-attacks-are-soaring-says-new-report/
  9. Security Talent Shortage Hits Cybercrime Groups, Too

    1. This next one is interesting, though expected. It looks like the security talent shortage is affecting the bad guys as much as the good guys. Tough time for all those enterprising crooks. You just can’t find good talent anymore, tsk tsk.
    2. Read More @ news.slashdot.org/story/16/03/01/2144211/security-talent-shortage-hits-cybercrime-groups-too
  10. France could Fine Apple $1 Million for each iPhone it Refuses to Unlock

    1. So, it looks like Apple is facing a fight on encryption in France as well as at home. Potentially, they are facing a million dollar fine for every iPhone they refuse to unlock.
    2. Read More @ http://thehackernews.com/2016/03/france-apple-iPhone-unlock.html


– Otakun –

Leave a Reply

Your email address will not be published. Required fields are marked *

Today is Friday