Daily Intelligence 3.16.2016
Tends
Top Data Breach Trends
http://www.cutimes.com/2016/02/03/4-top-data-breach-trends?ref=hp-features
Kaspersky Security Bulletin. Spam and phishing in 2015
https://securelist.com/analysis/kaspersky-security-bulletin/73591/kaspersky-security-bulletin-spam-and-phishing-in-2015/
Current Attacks
UCF data breach: 63K Social Security numbers compromised
http://www.wesh.com/news/ucf-data-breach-63k-social-security-numbers-compromised/37816088
Tax Software Provider Discloses Data Breach
http://www.wsj.com/articles/tax-software-provider-discloses-data-breach-1454638207
Nuclear EK Leveraged In Large WordPress Compromise Campaign
https://blog.malwarebytes.org/exploits-2/2016/02/nuclear-ek-leveraged-in-large-wordpress-compromise-campaign/
DayZ forums hacked, user info and encrypted passwords stolen
http://www.pcgamer.com/dayz-forums-hacked-user-info-and-encrypted-passwords-stolen//
Data breach affects thousands in Georgia Medicaid, PeachCare
http://onlineathens.com/mobile/2016-02-03/data-breach-affects-thousands-georgia-medicaid-peachcare
Mysterious spike in WordPress hacks silently delivers ransomware to visitors
http://arstechnica.com/security/2016/02/mysterious-spike-in-wordpress-hacks-silently-delivers-ransomware-to-visitors/
Gossip Site TMZ, Latest Victim of Malvertising Campaign
https://blog.malwarebytes.org/malvertising-2/2016/02/gossip-site-tmz-latest-victim-of-malvertising-campaign/
Malware
WordPress Infections Leading to TeslaCrypt Ransomware - See more at:
https://threatpost.com/wordpress-infections-leading-to-teslacrypt-ransomware/116149/#sthash.kdq7qscK.dpuf
A trip through the spam filters: more malspam with zip attachments containing
.js files
https://isc.sans.edu/diar /A+trip+through+the+spam+filters%3A+more
A weather app with a twist
https://blog.malwarebytes.org/fraud-scam/2016/02/a-weather-app-with-a-twist/
Wordpress Infections Leading to teslacrypt ransomeware
http://threatpost.com/wordpress-infections-leading-to-teslacrypt-ransomware/116149/
Hydracrypt Ransomware: Examples and information
http://cyberwarzone.com/hydracrypt-ransomware-examples-and-information/
Dridex botnet is installing AVIRA AV on hacked systems
http://cyberwarzone.com/dridex-botnet-is-installing-avira-av-on-hacked-systems/
Fake Amazon Mail Phishes for Login, Payment Information
https://blog.malwarebytes.org/fraud-scam/2016/02/fake-amazon-mail-phishes-for-login-payment-information/
General Cyber-Security News
CIOs wary of sharing cyberthreat data
http://www.cio.com/article/3030027/security/cios-wary-of-sharing-cyber-threat-data.html
Town Faces Ransomware Infection, Blinks
http://www.databreachtoday.com/blogs/town-faces-ransomware-infection-blinks-p-2055
GeoPolitical News
Canada not addressing IT risks for air transportation: Report
http://www.businessinsurance.com/article/20160204/NEWS06/160209890?tags=58|
425|418|158|163|88|83
(Full Text Below)
The Middle East’s Quietly Rising Cyber Super Power
http://www.defenseone.com/technology/2016/01/middle-easts-quietly-rising-cyber-super-power/125472/
Vulnerabilties
eBay Flaw Exposes Users to Malware, Phishing Attacks
http://www.securityweek.com/ebay-flaw-exposes-users-malware-phishing-attacks
Comodo Browser Breaks Security: Google Researcher
http://www.securityweek.com/comodo-browser-breaks-security-google-researcher
Serious Flaw Found in Socat Tool
http://www.securityweek.com/serious-crypto-flaw-found-socat-tool
Security flaws discovered in smart toys and kids’ watches
http://www.net-security.org/secworld.php?id=19404
Flaws Expose Sauter SCADA Systems to Takeover
http://www.securityweek.com/flaws-expose-sauter-scada-systems-takeover
NETGEAR MANAGEMENT SYSTEM VULNERABLE TO RCE, PATH TRAVERSAL ATTACKS
http://threatpost.com/netgear-management-system-vulnerable-to-rce-path-traversal-attacks/116139/
Patches
WordPress 4.4.2 Patches Open Redirect, SSRF Flaws
http://www.securityweek.com/wordpress-442-patches-open-redirect-ssrf-flaws
Cisco Patches High Severity Flaws in Several Products
http://www.securityweek.com/cisco-patches-high-severity-flaws-several-products
Full Text
Canada not addressing IT risks for air transportation: Report
http://www.businessinsurance.com/article/20160204/NEWS06/160209890?tags=58|
425|418|158|163|88|83
The Canadian Air Transport Security Authority has failed to produce action
plans to properly and timely assess and mitigate systemwide information
technology risks, according to a report by the Office of the Auditor General of
Canada.
The Ottawa, Ontario authority’s corporate risk profile contains mitigation
measures related to information technology, including a business continuity
plan and an emergency response plan — both of which are periodically tested —
as well as IT threat and risk assessments and a business impact analysis,
according to the report, which was published on the auditor general’s website
on Tuesday after an examination conducted in 2015.
However, the auditor general determined that only two out of four key systems
examined had an assessment done, that the assessments were outdated and that
no action plans were in place to address the identified risks, according to the
report. Conducting these assessments for key systems is important to identify
potential vulnerabilities, according to the auditor general.
“Action plans are needed to mitigate, monitor, and report on identified IT
risks,” the report said.
The auditor general recommended the authority conduct these assessments on all
critical systems and maintain action plans for each assessment, which the
authority has agreed to do.
The authority was created in response to the Sept. 11, 2001, terrorist attacks
in the United States and is responsible for screening more than 52 million
passengers and their belongings before they board planes at 89 Canadian airports, according to the authority.
Related posts