Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
New Flash Vulnerability Shares Similarities with Older Pawn Storm Exploit
Earlier this week Adobe released a security advisory (APSA16-02) which disclosed that a critical vulnerability (CVE-2016-4117) was present in versions of Adobe Flash Player. Reports also said it was being exploited in the wild. A successful exploit could cause the targeted system to crash and potentially allow arbitrary code to run on the system, allowing an attacker to take control of it. Note that Adobe released the patch on May 12.
Ransomware is Fast Becoming the Scourge of IT Departments All Over the World
It’s risen over the past 12-24 months from a minor nuisance to a major threat – causing business disruption and damaging the brand and reputation of countless organizations. There’s no silver bullet for stopping this new malware threat. But take the time to put in place layered protection, coupled with other preventative measures, and you stand the best chance of mitigating the risk of infection.
Flashlight App Spews Malicious Ads
Not all Android phones come with a built-in flashlight feature in their operating system. Users would have to download flashlight apps to have this utility on their phone. Chances are, these apps will come with updates and ads. Imagine that, flashlights with updates and ads. And while this may seem normal with how apps operate, one flashlight app that’s available in Google Play shows ads that go beyond the annoying and tell users that their mobile unit is infected with malware.
New Ransomware Goliath is Up for Sale in the Deep Web
Malware and computer forensics expert Lawrence Abrams uncovered a site in the deep web a week ago that advertises ransomware-related products and services. The site, named “Hall of Ransom,” can be accessed through the Tor network and sells the Locky ransomware for $3,000. Locky infiltrates the system through a malicious macro in Microsoft Word documents sent as email attachments to its victims.
Chinese-Language Ransomware Makes an Appearance
Whenever a threat is “localized” to a specific region, it’s a sign that attackers believe there is money to be made. Ransomware has made millions of dollars around the world, and it looks like it’s poking its nose into a new part of the world: China. However, the initial foray into this market made several mistakes. We recently came across multiple samples of what appeared to be Chinese-language ransomware. We detect this as Ransom_SHUJIN.A.
Approximately 117 Million LinkedIn Emails and Passwords Have Been Hacked
A hacker is trying to sell the account information, including emails and passwords, of 117 million LinkedIn users. The hacker, who goes by the name “Peace,” told Motherboard that the data was stolen during the LinkedIn breach of 2012. At the time, only around 6.5 million encrypted passwords were posted online, and LinkedIn never clarified how many users were affected by that breach.
The Next Cyberattack Front Could Be Your Car
For the many folks concerned about cyberthieves hacking emails and stealing personal information from online accounts, here comes another worry: A cyberattack on your car – while you’re driving. That’s one of the threats outlined in a report on “Vehicle Cybersecurity” by the Government Accountability Office (GAO). The computerized gadgets that make late-model cars safer and more fun to drive also provide an entry for thieves, terrorists and thrill-seeking geeks.
Anonymous Launches U.S. Government Cyberattack in Protest Against ‘Bathroom Bill’
A hacker affiliated with the notorious Anonymous collective has launched a series of cyberattacks against government portals in North Carolina to protest against the so-called ‘bathroom bill’ – which has been criticized by many as being anti-LGBT. The attacks were focused on a number of domains, including the main government portal (nc.gov) and the website of US governor Pat McCrory, who has been a vocal defender of the controversial proposals.
There’s New Cyberattack Evidence of a ‘Highly Adaptive Campaign Targeting Banks’
The SWIFT messaging network is used by banks to transmit instructions for money transfers around the world. But hackers utilized the network to steal $81 million from Bangladesh’s central bank in February. Now, SWIFT (an acronym for Society of Worldwide Interbank Financial Telecommunication) says a second bank was attacked. Forensic experts said the latest security breach is evidence that they’re facing “a wider and highly adaptive campaign targeting banks,” according to a statement from SWIFT.
SEC Says Cybersecurity is the Biggest Risk to the Global Financial System
Cyber security is the biggest risk facing the financial system, the chair of the U.S. Securities and Exchange Commission (SEC) said on Tuesday, in one of the frankest assessments yet of the threat to Wall Street from digital attacks. Banks around the world have been rattled by an $81 million cyber theft from the Bangladesh central bank that was funneled through SWIFT, a member-owned industry cooperative that handles the bulk of cross-border payment instructions between banks.
U.S. Presidential Campaigns are Under Cyberattack
Cyber hackers — possibly working for foreign governments — are trying to infiltrate the Democratic and Republican presidential campaigns, a senior U.S. intelligence official said Wednesday. “We’ve already had some indications of that,” James Clapper, the director of national intelligence, said in Washington. During the 2008 presidential campaign, U.S. intelligence agencies traced massive cyberattacks to China. At that time, both the Democratic candidate, now-President Barack Obama, and his Republican rival John McCain, were targeted.
One Hacker Cost British Airways £100,000 in His Cyberattack
A hacker cost British Airways £100,000 by taking down their website for an hour in a cyberattack, a court heard. Paul Dixon, 23, is also accused of disabling the websites of Durham Police, Police Scotland and video game retailer CeX.
Please add your thoughts in the comments below or follow me on Twitter: @ChristopherBudd.