Security Briefing 2.2.17
US border agents are asking travelers to hand over their phones and access to their online accounts (Facebook, bank accounts, text messages and/or photos), according to a Houston immigration lawyer. This follows President Trump's recent freeze on allowing non-green-card-holding immigrants back into the United States.
A recently detected spam campaign uses phony bank transfer emails to distribute a piece of malware that can steal information stored in browsers, log keystrokes and steal Bitcoin from cryptocurrency wallets. All spam messages include an attachment with the word ‘swift’ in its name: swift copy_pdf.ace, swift copy.zip, swift_copy.pdf.gz, etc. The interesting thing is that the cryptocurrency stealer targets at least 24 variations of cryptocurrency, not just Bitcoin.
If you’re ever asked via email to log in to your Netflix account, don’t do it. Netflix is a popular target because of its subscriber base of 93 million users. A new piece of malware is being distributed via a Netflix login generator (sign up to get a free Netflix subscription or log in to your account). The ransom is $100 worth of bitcoins to decrypt the contents of c:\users on Windows 7 and 10 machines.
Upper-level NATO members were targeted by a very elaborate hack: an RTF document that has no malicious code in it but, once opened, activates Flash and OLE objects that do various things. Interestingly, the person or group behind this realized that researchers were investigating the hack and changed the payload to distribute junk data. Advanced techniques like these are typically seen from the Russians.
A hotel in Austria has been repeatedly targeted with ransomware on an interesting computer: the one that controls the electronic key cards. Once the ransomware is on the infected computer, the key card system is unable to issue any more cards, and the cards already issued no longer work. Hackers demanded $1,600 in bitcoins and, out of options, the hotel management paid it.
The European Union's General Data Protection Regulation (GDPR) requires those doing business in the EU to securely collect, store, and use personal information by 2018. Recent studies have shown that a scary number of EU businesses are nowhere near ready for this, which could lead to legal consequences. The process for complying with the GDPR is fairly involved, requiring documentation and processes in addition to security compliance.