It’s a hot summer news recap this week, hope you are staying cool. Now let’s see what hot news we got for the week.
- First story of the week is about a Chinese ad firm that has infected over 85 million users with its intrusive adware. The company “Yingmob” uses drive-by downloads as an infection vector; once installed, the adware acts as a rootkit, downloading additional applications and generating revenue from ads.
- Read More @ http://thehackernews.com/2016/07/android-malware-china.html
- Next, a social engineering tale, coming by way of Reddit. Apparently a user had his Facebook page hacked by someone who was simply persistent with Facebook support and provided fake ID info. As a result the hacker was able to change the e-mail tied to the account and even get them to disable 2-factor authentication. Kind of an amazing fail on the side of FB.
- Read More @ https://nakedsecurity.sophos.com/2016/07/06/hacker-talks-into-facebook-account-reddit/
- Next, a bit of an introductory post about TOR, for those interested in anonymity online. I know most of the people reading this site are likely to know what TOR is and probably use it, but it’s a good write-up for those interested but not aware of this awesome service.
- Read More @ https://nakedsecurity.sophos.com/2016/07/06/the-dark-web-just-how-dark-is-it/
- Leading nicely into another TOR-related story, this one is pretty interesting. A pair of researchers from Northeastern University have discovered over 100 nodes used for searching out and attacking TOR Hidden Services, attempting to compromise them and take over. No information is available on who might be behind these attacks. The TOR project is aware that this attack is possible and is working on addressing the issue.
- Read More @ https://boingboing.net/2016/07/01/researchers-find-over-100-spyi.html
- Researchers from the University of Florida claim to have come up with a way to stop ransomware attacks in their tracks. The system isn’t about preventing the malware from reaching the system, but rather about letting it encrypt a few files and then stopping it from completing the job. The system works by watching the filesystem, and then taking action. The early results seem promising, though no software has been released for public use as of yet. Keep an eye on this one.
- Read More @ http://phys.org/news/2016-07-extortion-extinction-ransomware.html
- Lots of ransomware news this week, though this next one is good news, as there is a decrypter available for the MIRCOP ransomware. Thanks go out to the researchers at Trend Micro for this tool.
- Read More @ http://news.softpedia.com/news/free-decrypter-available-for-download-for-mircop-ransomware-505976.shtml
- This week, another high-profile social media account hack, this time it’s the Twitter CEO Jack Dorsey. The same hackers responsible for breaching the accounts of the Google and Facebook CEOs took credit for this one as well. The “OurMine” group claimed to be “testing security”.
- Read More @ http://thehackernews.com/2016/07/twitter-ceo-hacked.html
- A new targeted campaign utilizing the Adwind RAT was discovered by Danish security researchers. So far the campaign seems to be targeting businesses in Denmark only. It utilizes a Java attachment that carries the Adwind RAT, and yet it went undetected by the AVs on VirusTotal.
- Read More @ http://news.softpedia.com/news/new-adwind-rat-campaign-with-zero-av-detection-targets-businesses-in-denmark-505974.shtml
- Next, a researcher from Trustwave, in the process of reverse engineering the Hawkeye keylogger, ended up discovering the e-mail inbox of the admin behind the keylogger. By following a chain of e-mail redirection he was able to discover the inbox of the admin himself. Good stuff.
- Read More @ http://www.theregister.co.uk/2016/07/05/trustwave_reversing_hawkeye_keylogger_inbox/
- Next, a post from Kaspersky takes a look at the “Dropping Elephant” APT campaign, targeting the Asian region. The campaign utilizes ready-made tools and a high degree of social engineering in order to accomplish its objective. Good read.
- Read More @ https://securelist.com/blog/research/75328/the-dropping-elephant-actor/