A week in security (April 29 – May 5)

Last week on Labs we discussed the possible exit scam of dark net market Wall Street Market, how the Electrum DDoS botnet reaches 152,000 infected hosts, we looked at the sophisticated threats plague ailing healthcare industry, a mysterious database that exposed personal information of 80 million US households, how Mozilla urges Apple to make privacy a team sport, the state of cryptojacking in the post-Coinhive era, and we digested the top six takeaways for corporate data privacy compliance.

Other cybersecurity news

  • The news that Europol shut down two prolific dark web marketplaces in simultaneous global operations, one of which was Wall Street Market, shed a new light on the possible exit scam. The other marketplace was Silkkitie aka the Valhalla Marketplace. (Source: Europol)
  • Scammers are now sending sextortion emails stating that they have a tape of you and them having intercourse and are threatening to release it if you do not send them a $1,500 in bitcoins. (Source: Bleeping Computer)
  • Mozilla has released an update today for Firefox that fixes the issue with an expired signing certificate that disabled add-ons for the vast majority of its userbase over the weekend. (Source: ZDNet)
  • A Pennsylvania credit union is suing financial industry technology giant Fiserv, alleging that security vulnerabilities in the company’s software are wreaking havoc on its customers. (Source: Krebs on Security)
  • A researcher has discovered vulnerabilities in more than 100 plugins designed for the Jenkins open source software development automation server and many of them have yet to be patched. (Source: SecurityWeek)
  • Facebook has been hit with three new separate investigations from various governmental authorities—both in the United States and abroad—over the company’s mishandling of its users’ data. (Source: The Hacker News)
  • NIST tool uses updated combinatorial testing to enable more comprehensive tests on high-risk software to reduce potential errors. (Source: NIST)
  • A hacker exploited the fact that some botnet operators had used weak or default credentials to secure the backend panels of their command and control (C&C) servers and was able to take over the IoT DDoS botnets of 29 other hackers. (Source: ZDNet)
  • Programmers say they’ve been hit by ransomware that seemingly wipes their Git repositories’ commits and replaces them with a ransom note demanding Bitcoin. (Source: The Register)
  • Mirrorthief group uses Magecart skimming attack to hit hundreds of campus online stores in US and Canada. (Source: Trendlabs)

Stay safe everyone!