News – December 2017


  • Cryptocurrency mining virus spreads across Facebook Messenger

    December 27, 2017

    A virus that turns victims’ computers into a cryptocurrency miner without their knowledge is spreading across Facebook Messenger, security experts have warned. The malware, named “Digmine”, affects desktop versions of the app when running on a Google Chrome browser, according to researchers at Trend Micro. “If the user’s Facebook account is set to log in automatically, Digmine will manipulate ...

  • CEO of Major UK-Based Cryptocurrency Exchange Kidnapped in Ukraine

    December 27, 2017

    Pavel Lerner, a prominent Russian blockchain expert and known managing director of one of the major crypto-exchanges EXMO, has allegedly been kidnapped by “unknown” criminals in the Ukrainian capital of Kiev. According to Ukraine-based web publication Strana, Lerner, a 40-year-old citizen of Russia, was kidnapped on December 26 when he was leaving his office in the center of ...

  • Bad Rabbit Ransomware Spreads via Network, Hits Ukraine and Russia

    December 24, 2017

    An ongoing ransomware campaign is hitting Eastern European countries with what seems to be a variant of the Petya ransomware dubbed Bad Rabbit (which we detect as RANSOM_BADRABBIT.A). Trend Micro XGen™ security products with machine learning enabled can proactively detect this ransomware as TROJ.Win32.TRX.XXPE002FF019 without the need for a pattern update. The attack comes a few months after the previous ...

  • Huawei Router Vulnerability Used to Spread Mirai Variant

    December 22, 2017

    Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Okiku, also known as Satori. Researchers at Check Point published a report Thursday, and said the flaw is in Huawei’s router model HG532. It said it is tracking hundreds ...

  • Nissan Finance Canada Suffers Data Breach — Notifies 1.13 Million Customers

    December 21, 2017

    It’s the last month of this year, but possibly not the last data breach report. Nissan warns of a possible data breach of personal information on its customers who financed their vehicles through Nissan Canada Finance and INFINITI Financial Services Canada. Although the company says it does not know precisely how many customers were affected by the ...

  • GCHQ ‘Over-Achieved’ its Development of Offensive Cyber Capabilities

    December 21, 2017

    A new report from the Intelligence and Security Committee claims that the GCHQ has substantially increased its hacking abilities over the past few years. So much so that the Committee claims the spy organisation has “over-achieved”. How much is over-achieved? Apparently the agency has doubled the number of offensive cyber-capabilities, including the ability to attack other countries’ communications, ...

  • Trump’s national security strategy outlines ‘cyberspace’ goals

    December 19, 2017

    President Donald Trump unveiled a national security strategy on Monday that highlights his administration’s “America First” approach to the world and foreign policy. The sprawling 68-page document touches on a number of national security concerns, including economic ties with China and the lethality of the US nuclear arsenal, as well as a brief list of action items that ...

  • Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC

    December 18, 2017

    A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most aggressive campaign ...

  • New Android Malware Can Physically Damage Your Phone

    December 18, 2017

    Due to the recent surge in cryptocurrency prices, not only hackers but also legitimate website administrators are increasingly using JavaScript-based cryptocurrency miners to monetize by levying the CPU power of your PC to mine Bitcoin or other cryptocurrencies. Just last week, researchers from AdGuard discovered that some popular video streaming and ripper sites including openload, Streamango, Rapidvideo, and OnlineVideoConverter hijack CPU cycles from their ...

  • No hack needed: Anonymisation beaten with a dash of SQL

    December 18, 2017

    Governments should not release anonymised data that refers to individuals, because re-identification is inevitable. That’s the conclusion from Melbourne University’s Dr Chris Culnane, Dr Benjamin Rubinstein and Dr Vanessa Teague, who have shown that the Medicare data the Australian government briefly published last year can be re-identified – trivially. Source: The Register

  • Kaspersky Lab Sues U.S. Government Over Software Ban

    December 18, 2017

    Moscow-based cyber security firm Kaspersky Lab has taken the United States government to a U.S. federal court for its decision to ban the use of Kaspersky products in federal agencies and departments. In September 2017, the United States Department of Homeland Security (DHS) issued a Binding Operational Directive (BOD) ordering civilian government agencies to remove Kaspersky Lab software ...

  • Uber says data breach compromised 380K users in Singapore

    December 16, 2017

    Uber says an estimated 380,000 users in Singapore were impacted by the 2016 data breach that compromised 58 million accounts globally, but finds no incidents of fraud related to the attack. The ride-sharing operator posted a statement on its website Friday with the update, noting that the figure was “an approximation rather than an accurate and ...

  • We need to talk about mathematical backdoors in encryption algorithms

    December 15, 2017

    Security researchers regularly set out to find implementation problems in cryptographic algorithms, but not enough effort is going towards the search for mathematical backdoors, two cryptography professors have argued. Governments and intelligence agencies strive to control and bypass or circumvent cryptographic protection of data and communications. Backdooring encryption algorithms is considered as the best way to ...

  • Triton Malware Targets Industrial Control Systems in Middle East

    December 15, 2017

    Researchers found malware called Triton on the industrial control systems of a company located in the Middle East. Attackers planted Triton, also called Trisis, with the intent of carrying out a “high-impact attack” against an unnamed company with the goal of causing physical damage, researchers said. FireEye’s Mandiant threat research team revealed the existence of the malware ...

  • Pre-Installed Password Manager On Windows 10 Lets Hackers Steal All Your Passwords

    December 15, 2017

    If you are running Windows 10 on your PC, then there are chances that your computer contains a pre-installed 3rd-party password manager app that lets attackers steal all your credentials remotely. Starting from Windows 10 Anniversary Update (Version 1607), Microsoft added a new feature called Content Delivery Manager that silently installs new “suggested apps” without asking for users’ ...

  • 19-Year-Old TLS Vulnerability Weakens Modern Website Crypto

    December 13, 2017

    A vulnerability called ROBOT, first identified in 1998, has resurfaced. Impacted are leading websites ranging from Facebook to Paypal, which are vulnerable to attackers that could decrypt encrypted data and sign communications using the sites’ own private encryption key. The vulnerability is found in the transport layer security protocol used for Web encryption. A successful attack could ...

  • Why bother cracking PCs? Spot o’ malware on PLCs… Done. Industrial control network pwned

    December 12, 2017

    Security researchers have demonstrated a new technique for hacking air-gapped industrial control system networks, and hope their work will encourage the development of more robust defences for SCADA-based systems. Air-gapped industrial networks are thought to be difficult if not impossible to hack partly because they are isolated from the internet and corporate IT networks. However, in ...

  • MoneyTaker Cybercriminal Group Steals $10 Million from Financial Institutions

    December 12, 2017

    Security researchers shed light on the Russian-speaking cybercriminal group MoneyTaker, which was reported to have perpetrated cyberattacks against financial organizations in the U.S. and Russia. The group reportedly stole as much as $10 million from at least 20 card payment and inter-bank transfer systems. What is MoneyTaker? MoneyTaker is a cybercriminal group named after the custom malware they use ...

  • GCHQ’s cybersecurity accelerator just opened its door to nine new startups

    December 11, 2017

    Software designed to detect phishing emails, a platform to help developers write secure code, and a company which investigates cybercrime involving cryptocurrencies are just some of the ideas behind the startups that will join the second incarnation of GCHQ’s cyber-accelerator. Showcased at a launch event at the National Cyber Security Centre in London, the nine companies will spend nine months working ...

  • German intelligence unmasks alleged covert Chinese social media profiles

    December 11, 2017

    Germany’s intelligence service has published the details of social network profiles which it says are fronts faked by Chinese intelligence to gather personal information about German officials and politicians. The BfV domestic intelligence service took the unusual step of naming individual profiles it says are fake and fake organizations to warn public officials about the risk ...