Another busy week, another news round up. Let’s see what’s in store!
- First story of the week is of another piece of malware from the Vault7 CIA leaks, a tool called “Pandemic” used for switching out clean files with malware through the use of SMB. Interesting read given all the focus on SMB in recent weeks.
- Read More @ https://www.bleepingcomputer.com/news/security/cia-malware-can-switch-clean-files-with-malware-when-you-download-them-via-smb/
- Next, a bit of a sensationalized headline but still significant. Researchers at CheckPoint have found evidence of a new piece of rather intrusive adware that they have called Fireball, created by a Chinese digital marketing firm “Rafotech” who spreads this adware through software bundling with other free software.
- Read More @ http://thehackernews.com/2017/06/fireball-computer-virus.html
- Next, some potentially good news for anyone infected by WannaCry. Researchers at Kaspersky have analyzed the WannaCry code and found a number of coding errors that could help you recover your files after an infection. Good read on it’s own just to get a better look at WannaCry.
- Read More @ https://securelist.com/78609/wannacry-mistakes-that-can-help-you-restore-files-after-infection/
- So, I will file this next story under “funny story of the week”. In a rather interesting way Putin has for the first time suggested that “patriotic hackers” could have been responsible for interfering in the U.S election and that they are like artists and can not be controlled. Classic.
- Read More @ http://thehackernews.com/2017/06/putin-russian-hackers.html
- For the breach of the week, this time it’s the cloud password management company “OneLogin” that has revealed news of a breach that could result in the attackers gaining ability to decrypt the password data. I like password managers, but I am not a fan of the cones that backup the vault to the cloud, etc. for this reason precisely.
- Read More @ https://krebsonsecurity.com/2017/06/onelogin-breach-exposed-ability-to-decrypt-data/
- Next, another article in regards to hiring this time taking a look at which of the big 3, skills, hiring or experience matters most as well as some other tips on this front. Good read.
- Read More @ https://www.infosecurity-magazine.com/opinions/certifications-experience
- Next, news of an Amazon server loaded with sensitive files relating to U.S intelligence and left there by a “Booz Allen Hamilton” contractor was discovered by a security researcher. Basically anyone knowing where to look would have been able to find the data in question. Not good.
- Read More @ http://thehackernews.com/2017/05/us-defense-contractor.html
- Lastly, news from Krebs of another Credit Card breach at Kmart. Second one in 3 years for the company. Not much in terms of details as of yet but PoS breaches just aren’t slowing down.
- Read More @ https://krebsonsecurity.com/2017/05/credit-card-breach-at-kmart-stores-again/