Situation Awareness 06.06.16
Trends
Cyber criminals getting more nimble, sophisticated
http://www.businessinsurance.com/article/20160308/NEWS06/160309826?tags=|299|
70|71|83|302#utm_medium=email&utm_source=bi-dailyalert&utm_campaign=bi-
dailyalert-20160308
Cyber-crooks now prefer ransomware to botnets. Yep, firms are paying up
http://www.theregister.co.uk/2016/03/09/trend_micro_ransomware_iot_threat_rise/
Attacks
Bangladesh central bank’s US account hacked; New York Fed denies breach
http://timesofindia.indiatimes.com/tech/tech-news/Bangladesh-central-banks-US-account-hacked-New-York-Fed-denies-breach/articleshow/51312844.cms
Rosen Hotel chain was hit by credit-card stealing malware for 17 months
http://www.tripwire.com/state-of-security/security-data-protection/rosen-hotel-credit-card-malware/
Cyber-Warfare
Fresh APT Found Targeting Indian Military, Diplomats
http://www.infosecurity-magazine.com/news/fresh-apt-targeting-indian/
Attackers
Onion Dog, A 3 Year Old APT Focused On the Energy and Transportation
Industries in Korean-language Countries Is Exposed by 360
http://www.prnewswire.com/news-releases/onion-dog-a-3-year-old-apt-focused-on-the-energy-and-transportation-industries-in-korean-language-countries-is-exposed-by-360-300232441.html
Romanian ATM hacker exploits vulnerability in FENCE, escapes jail
http://www.theregister.co.uk/2016/03/08/romanian_atm_hacker_exploits_vulnerability_in_fence_escapes_jail/
Vulnerabilities
Popular WordPress Plugin Comes with a Backdoor, Steals Site Admin Credentials
http://news.softpedia.com/news/popular-wordpress-plugin-comes-with-a-backdoor-steals-site-admin-credentials-501383.shtml
Trivial path for DDoS amplification attacks found by infosec bods
http://www.theregister.co.uk/2016/03/09/trivial_ddos_amplification_method/
ISC TO PATCH VERSIONS OF DHCP VULNERABLE TO DOS
http://threatpost.com/isc-to-patch-versions-of-dhcp-vulnerable-to-dos/116648/
Patches
Microsoft fixes critical flaw affecting every version of Windows
http://www.zdnet.com/article/march-2016-patch-tuesday/#ftag=RSSbaffb68
&
2016: Bad USB sticks, evil webpages, booby-trapped font files still menace
Windows PCs
http://www.theregister.co.uk/2016/03/08/update_tuesday/
&
Microsoft Critical Security Bulletins Summary for March 2016
http://www.publicsafety.gc.ca/cnt/rsrcs/cybr-ctr/2016/av16-043-en.aspx
Android security update once again addresses MMS malware flaws, but will your
phone get fixed?
http://www.hotforsecurity.com/blog/android-security-update-once-again-addresses-mms-malware-flaws-but-will-your-phone-get-fixed-13523.html
Adobe Security Bulletin Summary for March 2016
http://www.publicsafety.gc.ca/cnt/rsrcs/cybr-ctr/2016/av16-042-en.aspx
General
Mac and Linux banking malware could soon be here thanks to efforts by
Brazilian crime gangs
http://www.ibtimes.co.uk/mac-linux-banking-malware-could-soon-be-here-thanks-efforts-by-brazilian-crime-gangs-1548260
Home Depot to pay out $26m in data breach settlement
Read more: http://www.reuters.com/article/us-home-depot-breach-settlement-idUSKCN0WA24Z?feedType=RSS&feedName=technologyNews#ixzz42Pfqm8TT
U.S. cyber pros test skills in exercise meant to stop attacks
http://www.militarytimes.com/story/military/tech/2016/03/08/us-cyber-pros-test-skills-exercise-meant-stop-attacks/81488852/
Home Depot creates $19.5M fund to settle breach class action suit
http://www.scmagazine.com/home-depot-creates-195m-fund-to-settle-breach-class-action-suit/article/481956/
TalkTalk CEO admits firm did not take security seriously enough
Related posts