Security Briefing 7.14.17
Petya ransomware: a WannaCry variant that encrypts the MBR and exploits the SMB protocol in the same vein. It has no kill switch. It is stopped by applying the MS17-010 security patch, disabling TCP port 445, and restricting local administrator access. Petya has already taken thousands of computers hostage, impacting companies and installations ranging from Ukraine to the U.S. to India. It has impacted a Ukrainian international airport, and multinational shipping, legal and advertising firms. It has led to the shutdown of radiation monitoring systems at the Chernobyl nuclear facility.
Avanti Markets, which specializes in self-serve food kiosks typically located in company breakrooms, said an undisclosed number of its 1.5 million customers may have had their personal and bankcard data compromised along with stored biometric data. The company, based in Tukwila, WA, said on July 4 it discovered a “sophisticated” malware attack against a number of its kiosks, used for self-checkout at one of its 5,000 so-called micro-markets. Customers have a “Pay with Fingerprint Scanner” option.
Police in the US state of New Mexico are crediting a smarthome device with saving the life of a woman and her daughter who were being held captive by a man who unintentionally told the device to call the sheriff. As ABC News tells it, Barros allegedly held up a firearm and threatened to kill the woman, asking her: “Did you call the sheriffs?” The utterance triggered a smart speaker – we don’t know what type; the police had initially and erroneously said it was a Google Home device – that was hooked up to a surround sound system inside the home. The speaker recognized Barros’ utterance as a voice command and called emergency services.
China’s “Great Firewall” is being tightened even further, according to Bloomberg, which reported on Monday that Beijing has told state-run telecoms companies to block access to VPNs by February 1, 2018.
An ongoing internet outage is costing Somalia some $10m a day, according to the Somalian government. The outage, which began more than two weeks ago, happened when an undersea fiber-optic cable was accidentally damaged, apparently by a large ship.
Ukraine, which has been the victim of cyber-attacks ranging from those taking out its power stations to being the main victim and likely focus of the Petya outbreak last month, is getting support from NATO to help protect it against further attacks.
The New York Times and Bloomberg revealed last week that the FBI and the DHS had issued a joint report warning of cyberattacks targeting manufacturing plants, nuclear power stations and other energy facilities in the U.S. and elsewhere. Unnamed officials said the attacks hit at least a dozen power firms in the United States, including the Wolf Creek nuclear facility in Kansas. These attacks use techniques akin to what Russian threat actors have used in the past.
A security researcher says an audio driver on some HP laptop models is recording every keystroke entered, making them accessible to any person or malware that knows where to look. HP issued a hotfix for this and apologized, stating the code ‘was not meant for production.’
Please make sure to regularly update your phone operating systems. It’s very important.