Security Briefing – 1-23-2018
Russian authorities have uncovered a massive fraud ring that installed malicious software at gas pumps, making customers think they were getting more fuel than they were. In fact, they were pumping up to 7% less than they were being charged for, according to Russian news source Rosbalt.
Uber has fixed a security bug that could’ve allowed an attacker to hack into user accounts by bypassing two-factor authentication, after the ride-sharing company initially said the flaw wasn’t a “particularly severe” issue. The company quietly issued a fix shortly after ZDNet first revealed the bug on Sunday.
Intel on Monday warned that you should stop deploying its current versions of Spectre/Meltdown patches, which Linux creator Linus Torvalds calls ‘complete and utter garbage.’
Seagate recently patched several vulnerabilities discovered by researchers in the company’s Personal Cloud and GoFlex products, but some weaknesses impacting the latter remain unfixed.
The authors of the Satori IoT malware family have dramatically increased their pool of bot recruits for attack botnets with the latest version of the tool, which targets systems running ARC processors. ARC processors are 32-bit power-efficient CPUs that are used in a wide range of applications including automotive, industrial, and IoT. More than 1.5 billion embedded systems containing ARC cores ship every year, including electronic steering controls and infotainment systems in cars, as well as personal fitness bands, digital TV set-tops, and smart thermostats.
Three Sonic the Hedgehog games for Android (Sonic the Hedgehog Classic, Sonic Dash 2: Sonic Boom and Sonic Dash), downloaded over 100 million times, are at risk of leaking user geolocation and other personal device data to suspicious servers, putting users at risk of man-in-the-middle attacks and similar vulnerabilities, according to security experts.
OnePlus has confirmed that up to 40,000 customers have been affected by a credit card breach, in the latest embarrassing misstep for the Chinese handset maker.
A Google security researcher has discovered a severe vulnerability in almost all Blizzard games that could allow remote attackers to run malicious code on gamers’ computers. Google’s Project Zero team researcher Tavis Ormandy discovered that the Blizzard Update Agent is vulnerable to a hacking technique called the “DNS Rebinding” attack that allows any website to act as a bridge between the external server and your localhost. This allows privileged JavaScript code to be run from the agent. A fix is ‘in the works.’
A variant of the Dridex banking trojan recently popped up in an email campaign, with an unusual twist: The attackers used compromised FTP sites for hosting malicious documents, according to researchers at Forcepoint. It was a notable departure from the norm of using HTTP links and could represent the start of a new trend.