• Search for:
    Numbers and letters on a black background. Cyber attack is written in red. a Hijack could happen to you
    24Jan, 2017
    Security Briefing 1.24.17

    The way Facebook handled videos – via ID # — allowed for anyone to essentially hijack and delete any video at all on the site, Dan Melamed said Monday. Facebook paid a researcher $10,000 for finding this vulnerability last summer – it was immediately patched.

    A newly discovered Twitter botnet has been lying dormant for over three years, although it includes more than 350,000 bot accounts, researchers at the University College London have discovered. Strangely, the bots only tweet things relating to Star Wars, hence Star Wars botnet.

    Dovecot, an IMAP mail server, has recently been hailed as being ‘nearly impenetrable’ from a security standpoint by German security team Cure53. Dovecot is the most popular IMAP mail server in the world, accounting for 68% of IMAP servers.

    The team at SplashData took a look a look at more than five million passwords that were stolen from enterprises and leaked to the public last year to get a feel for the types of authentication secrets people use in real world. The results aren’t pretty. 123456 was the most commonly used password, followed by password.

    The United States Army has an initiative called ‘Hack the Army’ where they pay researchers and hackers to diagnose vulnerabilities. Last year they received 400 bug reports and paid more than $100,000 to hackers who found 18 unique bugs. This is becoming more of a common trend—having the good guys diagnose problems and pay them before the bad guys can figure them out.

    In a recent post on their official blog, Israel Defense Force (IDF) detailed how Hamas operatives used social engineering to trick IDF soldiers into installing malicious apps on their phone that allowed for easy eavesdropping, all by using some of the oldest tricks in the book. Fake profiles of pretty women who were really, really, interested in them, then convince them to download an app to talk outside of Facebook.

    A college that sacked its IT administrator is claiming that he took his admin password with him, wiped it clean off his work PC (and “damaged” the machine to the point where it’s no longer usable), thereby rendered the school incapable of accessing its Gmail account, deprived some 2,000 students of their email and coursework, and is now suing him for $250,000 in damages. The ex-IT administrator has offered to help, for $200,000.

    We all knew it would happen eventually. The Islamic State has plenty of money for bad things, but super drones – like the ones we use – are astronomically expensive. So it is much easier to take hobby drones and fashion bombs out of them. In fact, in October, 2 Kurdish fighters were killed when they were inspecting a drone they shot down that detonated.

    blue background with the text "hack" spotlighted in red. could represent MongoDB Files
    10Jan, 2017
    Security Briefing 1.10.17

    Several unsecured MongoDB files compromised since December 2015 – identities of millions, including 3.3 million adults and children Hello Kitty fans, published online. Sanrio stated in 2015 that no one had compromised the data of its users from the MongoDB Files, however recently a database was found on LeakedSource that contained personal information of 3.3 million users, including nearly 185,000 people under the age of 18.

    Russia actually pulled the trigger on blocking LinkedIn nation-wide as well as pulling the application from mobile device stores. Russian courts ruled that LinkedIn, a popular social networking site for professionals, has breached the country’s data protection rules and has actually blocked the site nation-wide.

    A second variant of the Shamoon 2 malware discovered by researchers at Palo Alto Networks has been set up to target virtualization products, likely in an effort to increase the impact of the attack and make recovery more difficult for targeted organizations. These attacks are disk-wiping scheduled malware targeted at Saudi Arabian organizations and some other organizations in the Persian Gulf targeted at virtual desktop infrastructure.

    Following the Intelligence Community report blaming Russia for both the Democratic National Committee hack in 2016, and for attempting to influence the presidential election in favor of Republican Donald Trump, the Democrat Governor of New York has now introduced new cyber security proposals to his January State of the State address. This includes establishing a cyber incident response team (CIRT) from other national agencies, to help state agencies and local governments who are hit with cyber attacks and scaling punishment for harsher crimes.

    A snippet of malicous code designed to crash Mac OS machines is being delivered through drive-by downloads as part of a campaign designed to trick users into calling a fake tech support service, security researchers warn. This is rendered useless by upgrading to Sierra 10.2.2 or higher. Macs historically have been less prone to browser hijacks and drive-by downloads, so this is a bit concerning.

    Nintendo released Super Mario Run for iOS devices, but did not release the game for Android devices yet. Some crafty hackers have released ‘Super Mario Run’ for Android, which actually infects the mobile device with Marcher, a sophisticated banking malware strain capable of stealing the victims’ banking and credit card information.

    Linux or Unix variant malware is rare, but it does exist. The destructive KillDisk malware previously associated with attacks targeting industrial firms, was recently observed infecting Linux machines as well, ESET security researchers warn. Killdisk was used to target Ukraine’s energy sector in late 2015. Primative versions of Killdisk wipe the hard drive, already bad, the updated versions include encryption technologies and ransomware behavioral patterns. It has been observed in the wild targeting Linux workstations and servers, demanding a ransom of 222 bitcoins (nearly $250,000 USD), according to ESET.

    CES 17 (consumer electronics show) was last week and, while numbers like ’50 billion devices will be connected to the internet by 2020’ are touted, not a lot of people seemed to care about cybersecurity. There were some hidden gems at the show, though, such as a collaborative effort between Symantec and Norton to release a router with Norton Core technology, which will protect all devices on the network that cannot protect themselves (like, your smart water bottle or Bluetooth toothbrush or, perhaps a better example, your DVR’s, cameras, etc)

     

    In conclusion, use us to keep your stuff safe, from MongoDB Files to other cyber security concerns, we can handle it.