Situation Awareness 06.21.16
Trends
New Ponemon Study: Cyber Onslaught Threatens to Overwhelm Healthcare Survey
http://www.prnewswire.com/news-releases/new-ponemon-study-cyber-onslaught-threatens-to-overwhelm-healthcare-survey-300227718.html
- Related -
Cybersecurity Report Finds ‘Healthcare Industry in Turmoil’
http://www.campussafetymagazine.com/article/cybersecurity_report_finds_healthcare_industry_in_turmoil#
&
Hospital Security Fail: Report Outlines Dangerous Shortcomings - See more at:
https://threatpost.com/hospital-security-fail-report-outlines-dangerous-shortcomings/116519/#sthash.mdtnatX8.dpuf
Breach Detection Time Improves, Destructive Attacks Rise: FireEye
http://www.securityweek.com/breach-detection-time-improves-destructive-attacks-rise-fireeye
Report: Expect Even More DDoS Attacks, Malicious Cyber Activity from China
http://www.nextgov.com/cybersecurity/2016/02/expect-even-more-ddos-attacks-malicious-cyber-activity-china-report-says/126291/
DDoS attacks up 149 percent as brassy booter kids make bank
http://www.theregister.co.uk/2016/03/01/ddos_attacks_up_149_percent_as_brassy_booter_kids_make_bank/
Attacks
Ransomware targets victims through Visa deals
http://www.zdnet.com/article/ransomware-targets-victims-through-visa-deals/#ftag=RSSbaffb68
PHP ransomware attacks blogs, websites, content managers and more…
https://nakedsecurity.sophos.com/2016/03/02/php-ransomware-attacks-blogs-websites-content-managers-and-more/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+nakedsecurity+%28Naked+Security+-+Sophos%29
Netflix and Uber Users: Cybercriminals’ Latest Favored Hacking Targets?
http://blog.trendmicro.com/trendlabs-security-intelligence/netflix-and-uber-users-cybercriminals-latest-favored-hacking-targets/
UC Berkeley cyberattack news follows disclosures in April 2015, December 2014
http://www.networkworld.com/article/3039116/security/uc-berkeley-makes-third-data-breach-disclosure-in-past-15-months.html
Snapchat Under Cyber Attack; Regrets Employee Data Leak
http://www.bidnessetc.com/64494-snapchat-confesses-to-data-breach/
Cautionary tale: What happens after daring elite hackers to hack you?
http://www.networkworld.com/article/3038790/security/cautionary-tale-what-happens-after-daring-elite-hackers-to-hack-you.html
Malware
CTB Locker ransomware now also encrypts websites
https://www.helpnetsecurity.com/2016/02/29/ctb-locker-ransomware-now-also-encrypts-websites/
CTB-Locker Ransomware for Websites Is Written in PHP and Available on GitHub
http://news.softpedia.com/news/ctb-locker-ransomware-for-websites-is-written-in-php-and-available-on-github-501180.shtml
What Is Old Is New Again - Nymaim Moves Past Its Ransomware Roots - See more
at: https://www.proofpoint.com/us/what-old-new-again-nymaim-moves-past-its-ransomware-roots-0#sthash.R8tBycHP.dpuf
Threat Actors Behind “Shrouded Crossbow” Create BIFROSE for UNIX
http://blog.trendmicro.com/trendlabs-security-intelligence/threat-actors-behind-shrouded-crossbow-creates-bifrose-for-unix/
Look Into Locky
https://blog.malwarebytes.org/intelligence/2016/03/look-into-locky/
Operation Fingerprint: A Look Into Several Angler Exploit Kit Malvertising
Campaigns
https://blog.malwarebytes.org/malvertising-2/2016/03/ofp/
De-obfuscating malicious Vbscripts
https://blog.malwarebytes.org/intelligence/2016/02/de-obfuscating-malicious-vbscripts/
Fast Flux Bot Nets and Fluxer - Part 2
http://www.scmagazine.com/fast-flux-bot-nets-and-fluxer-part-2/article/478369/?DCMP=EMC-SCUS_Newswire&spMailingID=13855308&spUserID=MTQ0NjE2OTcxNjMzS0&spJobID=740023719&spReportId=NzQwMDIzNzE5S0
Reinvented ransomware shifts from pwning PC to wrecking websites
https://packetstormsecurity.com/news/view/26372/Reinvented-Ransomware-Now-Targeting-WordPress-Sites.html
Cyber-Warfare
Pentagon admits it is ‘looking to accelerate’ cyber-attacks against Isis
http://www.theguardian.com/world/2016/feb/29/pentagon-admits-cyber-attacks-against-isis
* Related -
US Launching Cyber-Attacks on ISIS Bases, Some Methods Are “Surprising”
http://news.softpedia.com/news/us-launching-cyber-attacks-on-isis-bases-some-methods-are-surprising-501232.shtml
&
US military launches cyber attacks on ISIS in Mosul, and announces it
http://arstechnica.com/information-technology/2016/03/us-military-launches-cyber-attacks-on-isis-in-mosul-and-announces-it/
No to Solar Power? ‘Puzzling’ Daesh Cyber-Attack Against Small UK Firm
Read more: http://sputniknews.com/europe/20160301/1035586059/daesh-uk-cyber-attack.html#ixzz41kpR1uZi
Malware uses Mars Rover code to spy on Indian-Afghani relations
https://www.grahamcluley.com/2016/03/malware-mars-rover/
Attackers
Turkish hacker behind $55 mln cyber spree pleads guilty in US
http://www.todayszaman.com/latest-news_turkish-hacker-behind-55-mln-cyber-spree-pleads-guilty-in-us_413749.html
New piece of OS X malware may track back to Hacking Team
http://www.computerworld.com/article/3039557/security/new-piece-of-os-x-malware-may-track-back-to-hacking-team.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+computerworld%2Fs%2Ffeed%2Ftopic%2F17+%28Computerworld+Security+News%29#tk.rss_security
&
HackingTeam is back with Mac Malware
http://www.ehacking.net/2016/03/hackingteam-is-back-with-mac-malware.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ehacking+%28Ehacking-+Your+Way+To+The+World+Of+IT+Security%29
Card “Verification” Now Offered “As a Service” by Brazilian Cybercriminals
http://blog.trendmicro.com/trendlabs-security-intelligence/card-verification-now-offered-as-a-service-by-brazilian-cybercriminals/
FighterPOS PoS Malware Gets Worm Routine
http://blog.trendmicro.com/trendlabs-security-intelligence/fighterpos-gets-worm-routine/
Chinese Threat Intel Start-up Finds DarkHotel Exploiting Chinese Telecom
http://www.darkreading.com/threat-intelligence/chinese-threat-intel-start-up-finds-darkhotel-exploiting-chinese-telecom/d/d-id/1324496?_mc=RSS_DR_EDT
Vulnerabilities
DROWN attack: 33% of all HTTPS servers declared at risk
https://heatsoftware.com/security-blog/10831/drown-attack-https/
Learn things? DROWN HTTPS flaw proves we don’t even test things
http://www.theregister.co.uk/2016/03/02/drown_proves_people_didnt_test_their_servers_after_poodle/
The Most Common Vulnerabilities in Open Source Web Applications Are XSS and
SQLi
http://news.softpedia.com/news/the-most-common-vulnerabilities-in-open-source-web-applications-are-xss-and-sqli-501078.shtml
One in Ten Top Internet Sites May Be Vulnerable to CSRF and XSS Attacks
http://news.softpedia.com/news/one-in-ten-top-internet-sites-may-be-vulnerable-to-csrf-and-xss-attacks-501106.shtml
Over 60 Vulnerabilities Patched in Apple TV
http://www.securityweek.com/over-60-vulnerabilities-patched-apple-tv
$17 smartwatch sends something to random Chinese IP address
http://www.theregister.co.uk/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/
Schneider Electric building manager bug allows security bypass
http://www.theregister.co.uk/2016/03/02/schneider_electric_building_manager_needs_upgrade/
Patches
Cisco Patches Command Injection Flaw in ACE Appliance
http://www.securityweek.com/cisco-patches-command-injection-flaw-ace-appliance
Palo Alto Networks Fixes PAN-OS Vulnerabilities
http://www.securityweek.com/palo-alto-networks-fixes-pan-os-vulnerabilities
General
Uber data breach shows apps may not be able to protect your information
http://blog.trendmicro.com/uber-data-breach-shows-apps-may-not-be-able-to-protect-your-information/
Ukraine cyber-attacks ‘could happen to UK’
http://www.bbc.com/news/technology-35686493
Verizon is known for its huge annual Data Breach Investigations Report, but
this morning it released a less data-heavy digest organized by case study
http://www.csoonline.com/article/3039555/investigations-forensics/verizon-releases-first-ever-data-breach-digest-with-security-case-studies.html
&
DATA BREACH DIGEST – SCENARIOS FROM THE FIELD
https://securityblog.verizonenterprise.com/?p=7458
Akamai speeds Australian DDoS blocking as botnets-for-hire make attacks
shorter, more frequent
http://www.cso.com.au/article/595026/akamai-speeds-australian-ddos-blocking-botnets-for-hire-make-attacks-shorter-more-frequent/
Cybercrime Underground Economy Series Around the World
http://blog.trendmicro.com/cybercrime-underground-economy-series-around-the-world/
Related posts