Security Briefing – 12.5.2017
PayPal announced on Friday that a $238 million company it purchased in July has been chewed through by the hacker moths. Following PayPal’s purchase of the Canadian company – TIO, which runs a network of over 60,000 utility and bills payment kiosks across North America – it found evidence of unauthorized access to TIO’s networks and hence suspended TIO’s operations.
AirBnB-goers have recently been finding hidden webcams, sometimes disguised as motion detectors, sometimes as blatant IP cameras facing a bed that were “used to record sex parties of consenting individuals” by the owner of the AirBnB. This has been going on for some time, but recently it is being discovered more and more often. Better off staying at a real hotel.
Two newly discovered .NET-based ransomware families are using open source repositories to encrypt users’ files, Zscaler security researchers say. Dubbed Vortex and BUGWARE, the two ransomware families have been seen in live attacks carried out via spam emails containing malicious URLs. Both of the new malware families are compiled in Microsoft Intermediate Language (MSIL) and have been packed with the ‘Confuser’ packer.
A security researcher has discovered a collection of vulnerabilities in more than 30 popular email client applications that could allow anyone to send spoofed emails that bypass anti-spoofing mechanisms. Discovered by security researcher Sabri Haddouche, the set of vulnerabilities, dubbed MailSploit, affects Apple Mail (macOS, iOS, and watchOS), Mozilla Thunderbird, several Microsoft email clients, Yahoo Mail, ProtonMail, and others. Email spoofing is an old-school technique, but it works well: it allows someone to modify email headers and send an email with a forged sender address, tricking recipients into believing the email came from a specific person.
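Because the spoofing described above lives in the headers rather than the transport, a useful defensive check on the receiving side is to decode the `From:` header the way a client would and compare what the user will see with the address that actually sits in the angle brackets. The script below is an added example written for this briefing, not code from the researcher or from any of the affected clients. It assumes only the Python standard library; the sample header values are constructed for illustration (the `.invalid` domain is a placeholder) and are not taken from any real message. It flags two indicators: control characters surviving in the decoded display text, and a decoded display name that itself contains an email address different from the real one.

```python
"""Flag From: headers whose decoded display name could be mistaken for the
real sender address.  Added example for this briefing; standard library only.
Sample headers are constructed and are not real messages."""
import base64
import email.header
import email.utils
import re

# C0 control characters and DEL: a decoded display name should never contain them.
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")
# Loose address matcher, good enough to spot an address hidden in a display name.
ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def _encoded_word(text: str) -> str:
    """Build an RFC 2047 base64 encoded-word (helper used only to construct samples)."""
    return "=?utf-8?B?" + base64.b64encode(text.encode("utf-8")).decode("ascii") + "?="


# Constructed sample From: header values.
SAMPLE_FROM_HEADERS = {
    # ordinary header, nothing encoded
    "plain": "Alice Example <alice@example.com>",
    # legitimate use of an encoded-word for a non-ASCII display name
    "encoded_name": _encoded_word("Alicja Przykład") + " <alice@example.com>",
    # display name that decodes to a lookalike address plus a null byte;
    # the address a server actually sees is the one in the angle brackets
    "lookalike": _encoded_word("Alice Example <alice@example.com>\x00")
    + " <mailer@lookalike.invalid>",
}


def decode_display_text(raw_header: str) -> str:
    """Decode every RFC 2047 encoded-word in a header value into one string."""
    pieces = []
    for chunk, charset in email.header.decode_header(raw_header):
        if isinstance(chunk, bytes):
            chunk = chunk.decode(charset or "ascii", errors="replace")
        pieces.append(chunk)
    return "".join(pieces)


def analyse_from_header(raw_header: str) -> dict:
    """Return the parsed sender address plus a list of spoofing indicators.

    Indicators:
      control-char     decoded display text contains C0 controls or DEL
      address-in-name  decoded display text contains an address that differs
                       from the address in the angle brackets
    """
    _, actual_address = email.utils.parseaddr(raw_header)
    decoded = decode_display_text(raw_header)
    findings = []
    if CONTROL_CHARS.search(decoded):
        findings.append("control-char")
    for candidate in ADDRESS.findall(decoded):
        if candidate.lower() != actual_address.lower():
            findings.append("address-in-name")
            break
    return {"address": actual_address, "decoded": decoded, "findings": findings}


if __name__ == "__main__":
    for label, header in SAMPLE_FROM_HEADERS.items():
        result = analyse_from_header(header)
        print(f"{label:13s} address={result['address']!r} findings={result['findings']}")
```

Run as a script it prints one line per constructed sample; only the `lookalike` header produces findings, while the legitimately encoded Polish display name passes clean, which is the distinction a mail gateway rule needs to make before it quarantines anything. The same two functions can be dropped into a milter or a mailbox audit script by feeding them `msg["From"]` from `email.message_from_bytes`.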
A pervasive and long-running malware operation that used more than 460 different botnets and infected more than 1.1 million computers a month has been derailed in a yearlong operation by global law enforcement and cybersecurity vendors. The FBI, Europol’s European Cybercrime Centre, the Joint Cybercrime Action Taskforce (J-CAT), Eurojust, and Germany’s Lüneburg Central Criminal Investigation Inspectorate, along with Microsoft and ESET, on November 29 officially took down the so-called Andromeda network of botnets that spread the Gamarue (aka Wauchos) malware. One of the largest malware operations in the world, it spread the malware via multiple botnets.
A software developer at the National Security Agency’s elite Tailored Access Operations (TAO) hacking unit has pleaded guilty to unlawfully bringing home sensitive agency data that later ended up getting stolen from his personal computer by Russian state-sponsored actors. Nghia Hoang Pho faces up to eight years in prison for removing highly classified NSA data from his workplace and storing it at home.