News recap time, and as usual we got some good stuff. Enjoy!
- First, some ransomware news. Stats from researchers at Kaspersky show that ransomware attacks have jumped by 500% over the last year and show no signs of slowing down. Given the success of such malware, this is not really surprising, and I imagine the numbers will continue to rise. Back up your data, folks.
- Read More @ https://www.onthewire.io/crypto-ransomware-attacks-jump-nearly-500/
- Keeping up with the ransomware theme, a new variant of “CryptXXX” is out and it has some new tricks up its sleeve. Mainly, the decryption tools available for it seem to have been made ineffective by this update. It also includes some additional capabilities for avoiding detection, like attempting to masquerade as a legitimate DLL.
- Read More @ https://threatpost.com/new-cryptxxx-can-evade-detection-outsmarts-decryption-tools/118919/
- Next, it looks like another bank has been hit for $10 million; this time the victim is a Ukrainian bank. This looks to be yet another in the string of SWIFT-related bank hacks that took place over the past several months. This is the 4th bank to get hit in the same way.
- Read More @ http://thehackernews.com/2016/06/ukrainian-bank-swift-hack.html
- Next, some rather big, and not so good, news for Norton, coming from Google’s “Project Zero” team, which has discovered a number of vulnerabilities in the Norton products that they call “As bad as it gets”. The vulnerability is in Symantec’s “decomposer engine” (a program that unpacks compressed files in order to help scan for potentially malicious ones), which is used across Symantec’s products. Symantec has since acknowledged and addressed the issue in a product update.
- Read More @ http://fortune.com/2016/06/29/symantec-norton-vulnerability/
- The Cerber ransomware seems to have evolved again, this time utilizing a zero-day vulnerability in the Office 365 products in order to spread and attack those using the “Office 365” e-mail platform. The Cerber ransomware has used several different ways of spreading since its inception in order to make detection and prevention difficult.
- Read More @ http://www.darkreading.com/vulnerabilities---threats/cerber-strikes-with-office-365-zero-day-attacks/d/d-id/1326070?_mc=RSS_DR_EDT
- Next, Google’s CEO has had his Quora and Twitter accounts hacked by the same hackers who broke into the account of the Facebook CEO. The “OurMine” hackers responsible claim to do this for “white hat” purposes and have said that they reported a vulnerability to Quora, but the company is denying any reports from the group and claiming that this was a case of harvested credentials from other leaks.
- Read More @ www.infosecurity-magazine.com/news/zuckerberg-hackers-hit-google-ceo/
- The Bangladesh Bank that was hit for $81 million has apparently parted company with the security firm “Mandiant”, saying that they can handle the rest of the investigation. Part of the reason for the decision seems to be the high cost of the service.
- Read More @ www.infosecurity-magazine.com/news/bangladesh-bank-parts-company-with
- A Russian APT group has targeted the accounts of something like 1,800 Google users associated with the U.S. military, and/or journalists. The attack seems to be based in Russia, and the group is targeting those who reside in Russia or former USSR countries, and those who have been critical of the Russian government and its policies.
- Read More @ http://www.darkreading.com/attacks-breaches/google-accounts-of-us-military-journalists-targeted-by-russian-attack-group/d/d-id/1326069?_mc=RSS_DR_EDT
- A database containing something like 2 million records of known or suspected criminals and terrorists was leaked online. It was found by security researcher Chris Vickery, who discovered a two-year-old version of the database being hosted online by a third party.
- Read More @ www.infosecurity-magazine.com/news/world-check-terror-blacklist
- Today’s webcast is another one from the FireEye firm Mandiant, and it takes a look at the attacks on the Middle East banks that have made the news in recent months. Great watch. Please take a look.
- Watch @ https://www.brighttalk.com/webcast/10703/210769