Security News for Monday, March 7 2016

We have posted numerous articles over the years about ransomware that targets systems running Windows  but this article discusses a variant found in the wild that targets systems running Mac OS X. From the article:

The problem was first detected Friday, when a team of researchers at Palo Alto Networks found a popular BitTorrent client for Apple’s OS X software for Macs that was infected with the ransomware, which they have dubbed “KeRanger.” The BitTorrent software in question is Transmission, which Mac users can install on Apple’s OS X operating system and then use to access shared files in so-called torrent swarms (which, let’s not lie, is usually pirated content).

By now, most people are familiar with the term Internet of Things (IoT), a term that applies to pretty much any device in your home that connects to the Internet. This can include home monitoring systems, alarms, thermostats, and the like. This article provides 7 tips for securing IoT devices on your network. It is worth mentioning that many manufacturers are rushing these devices to the market with security as an after-thought. From the article:

If you ignore the cool-sounding name, however, an IoT device is really just another computer, but one where you don’t have much say in what software runs on it, or whether it can be patched properly, or even secured at all.

Intriguingly, we often like to poke fun at these devices – after all, what are you really going to do with an internet-enabled kettle? – and to remind everyone else that we don’t need them, even as we rush out and buy them because we like them.

Posted in Security News | Leave a comment

Security News for Wednesday, February 17 2016

There have been several articles in the news this past week regarding the recovered iPhone 5c that authorities have tied to one of the San Bernardino Shooters. As of yet, authorities have been unable to bypass the security lock on the iPhone and a judge in California has now ordered Apple to assist the FBI in unlocking the device. Now, Apple is stating that they will not assist the FBI because doing so would require them to build a “backdoor” for the iPhone. lastly, this article discusses whether or not Apple even has the capability to comply with the court order (the author believes the do).

This article is reporting that a hacker has released ransomware on a California hospitals network and is demanding a large bounty for the decryption keys.  As of today, the hospital computers have been down for more than a week. From the article:

The problem is so severe that the hospital authorities are transferring patients to other hospitals because of the outage. The ransomware has taken the connected medical devices and portals offline, as well. What is worse that the ransomware hackers are reportedly asked for more than $3.6 million to decrypt the system and the hospital’s files, CSO reports.

To help tide over the crisis, the hospital staff has now shifted to manual mode of working and using fax machines and landline telephones to get work done.

Also on the topic of ransomware, this article discusses a new strain seen in the wild dubbed “locky” as it encrypts important files and renames all file extensions to ‘.locky’. As with all ransomware you will be forced to pay for the decryption key (in this case anywhere from $200 – $400). The article also goes on to provide tips for avoiding ransomware so it is definitely worth taking a few minutes to look over.

Posted in Security News | Leave a comment

Security News for Tuesday, February 9 2016

By now we have all seen the news about criminals placing skimmer devices on ATM’s and gas pumps in order to steal credit card data. Originally skimmers were somewhat bulky and fairly easy to identify. Over the years skimmers have been designed to better integrate with ATM machines and gas pumps. According to this article, criminals are now taking it one step further by inserting skimmers into the data cables plugged into ATM machines typically found in gas stations and convenience stores. From the article:

In an alert sent to customers Feb. 8, NCR said it received reliable reports of NCR and Diebold ATMs being attacked through the use of external skimming devices that hijack the cash machine’s phone or Internet jack.

Posted in Security News | Leave a comment

Security News for Monday, February 8 2016

According to this article, an anonymous hacker has threatened to release the “names, job titles, email addresses and phone numbers of over 20,000 supposed Federal Bureau of Investigation (FBI) employees, as well as over 9,000 alleged Department of Homeland Security (DHS) employees”.  From teh article:

On Sunday, Motherboard obtained the supposedly soon-to-be-leaked data and called a large selection of random numbers in both the DHS and FBI databases. Many of the calls went through to their respective voicemail boxes, and the names for their supposed owners matched with those in the database. At one point, Motherboard reached the operations center of the FBI, according to the person on the other end.

This article is reporting that the Dridex botnet has been hijacked to send its users free antivirus applications rather that malware as was its intended purpose. From the article:

A botnet (a term formed from the words robot and network) is a group of Internet-connected computers communicating together to complete repetitive tasks and objectives, often used to send spam, push malware, or participate in distributed denial-of-service (DDoS) attacks. The Dridex botnet leverages Microsoft Word macros to infect systems (usually via a malicious email), after which attackers use it to steal banking credentials and other personal information via transparent redirects and injections to manipulate websites.

And yet, someone decided that Dridex should not serve its malicious payload anymore. Instead, it’s now delivering a clean, signed copy of Avira Free Antivirus.

This article provides 5 steps to “make your digital self less attractive to hackers, phishers and overly aggressive marketers”.  While the tips provided in this article seem simple, they will definitely increase your personal security posture.

Posted in Security News | Leave a comment

Security News for Wednesday, January 27 2016

Like most things, cars are becoming more and more advanced and rely more heavily on computer technology. Like most technologies that evolve rapidly, security seems to be an after-thought. Not surprisingly, and according to this article, security experts claim that hacking cars is easy. From the article:

Security researchers from the University of Washington and the University of California, San Diego took to the stage at a conference on Tuesday to describe how they were able to remotely break into vehicle electronics through an array of security holes. Speaking at the Enigma Security Conference in San Francisco, they discussed how cars have evolved over the years into computers on wheels that crafty hackers can penetrate under the right circumstances.

Posted in Security News | Leave a comment

Security News for Monday, January 25 2016

This article is reporting (not to the surprise of most) that hospitals, doctors, and insurance companies are not doing enough to protect your private medical data. While the survey discussed in this article was conducted in the UK, the information is also valid here in the United States. From the article:

Although encryption of laptops and USB drives is mandated by law, and 84% of respondents believe encryption is becoming a necessity, encryption is not broadly used:

– Only 10% say that encryption is “well established” within their organization.
– Only 59% encrypt email.
– Only 49% encrypt files shared on the network.
– Only 34% encrypt data stored in the cloud.

One would think that in this day and age, people would make an effort to choose strong passwords in order to safeguard their data. According to this article which looks at 25 of the weakest passwords from 2015, people still look for shortcuts and choose easy to remember passwords. From the article:

Clearly, we’re still bad at creating secure passwords, despite all the warnings about data breaches and cybercriminals out to get us.

The list has remarkable consistency to last year’s: nine of the top 10 passwords from 2014 also made the top 10 for 2015 – “dragon” dropped from #9 to #16 – with some slight reordering (e.g., “12345” moved from #3 in 2014 to #5 on 2015’s list).

Posted in Security News | Leave a comment

Security News for Friday, January 15 2016

This article is reporting that the US National Intelligence Director’s online accounts have been targeted by hackers. It is worth noting that personal accounts were breached which technically should not contain any classified data.

The “teenage” hacker(s) who last year breached the personal AOL email account of CIA Director John Brennan is supposedly back in action targeting the online accounts of James Clapper, director of National Intelligence.

Evidence that online accounts associated with Clapper’s household have been compromised were shared with the Office of the Director, a U.S. intelligence official familiar with the matter told Fortune. The hackers appear to have gained access to the personal Yahoo email account of Clapper’s wife, Susan Clapper, as well as a Verizon  FiOS account linked to the family’s home phone number.

According to this article, Microsoft has stopped supporting Internet Explorer versions 11 and under as of this past Tuesday. From the article:

Our concern, given that as many as 10% of users in the world still seem to be running Windows XP, which hasn’t been patched against security holes (privately or publicly known) since mid-2014, is that equally many people on Windows 7 may take a similar attitude and resist upgrading to Internet Explorer 11, on the grounds that “the old one still works, so why risk changing anything?”

The problem, for desktop Windows users at any rate, is that the Internet Explorer cumulative update that was published by Microsoft on Tuesday 12 January 2016 (MS16-001) is the last ever update for Windows 7 that will patch IE 8, 9 and 10.

Posted in Security News | Leave a comment

Security News for Thursday, January 7 2016

The past several years have seen major data breaches including the Target and Anthem Insurance hacks which exposed millions upon millions of sensitive records. The tide may now be shifting to attacks against power grids and infrastructure. This article discusses the recent power outage in Ukraine that was caused by malware as well as the future of attacks against infrastructure.  From the article:

First reported by Ukrainian news agency TSN (surfaced by Ars TechnicaArs Technica), the December 23rd malware-based attack disconnected a handful of electrical substations, leaving hundreds of thousands of homes in a particular region of the country without power. If officially confirmed, it will be the first known case of a mass power outage caused by hackers.

According to this post, Time Warner Cable may have suffered a data breach that exposed records for 320,000 of its customers. From the post:

“Approximately 320,000 customers across our markets could be impacted by this situation,” Eric Mangan, director of public relations, was quoted by VentureBeat as saying.

“To protect the security of these customers, we are sending emails and direct mail correspondence to encourage them to update their email password as a precaution.”

Posted in Security News | Leave a comment

Security News for Thursday, December 17 2015

According to this article, the online hacker group known as Phantom Squad has announced that they plan to launch distributed denial of service (DDos) against PlayStation Network and Xbox Live this Christmas. Such an attack could render these sites unusable. From the article:

This could cause a big problem, because a lot of people are expecting to receive new gaming consoles on Dec. 25.

If Phantom Squad is successful, this would be the second year in a row that these gaming networks go offline.

Posted in Security News | Leave a comment

Security News for Tuesday, December 15 2015

It’s a quiet news day today…..

This brief article shows how to enable security settings prevent people from looking up your Facebook account via email your email address or phone number (this is enabled by default in Facebook for some reason).

Posted in Security News | Leave a comment