Over the past few days, we have been analyzing a development with the Necurs botnet – a cybercrime operation dating back to 2012 that quickly became one of the largest spam botnets in the world. We reported on the infamous cybergang responsible for the distribution of global malware campaigns such as “Locky” and “GlobeImposter” in two blog posts (here and here) that explained how malware is spread via Necurs. And now we have seen a new link to that chain with attackers serving brand new files via the same botnet. These files are spreading malicious Visual Basic Scripts (VBScripts) and our analysis suggests that the authors are using the services provided by the Necurs botnet to reach more victims. The ultimate goal of the attackers is to make systems vulnerable to attacks with the ability to steal personal data and to infect them with keyloggers, banking malware, and ransomware.
Security researchers have caught a Bitcoin-hijacking Chrome extension that only managed to grab one BitCoin transaction before being exposed. Researchers said the malicious extensions used an attack technique that first emerged last year, dubbed FacexWorm, and added that they noticed re-emerging activity earlier this month. FacexWorm propagates in malicious Facebook Messenger messages and only attacks Chrome. Allan Liska, Senior Solutions Architect at Recorded Future has observed this evolved / advancing threat and commented below.
For several years now, wireless carriers have been busy telling anybody who’d listen that fifth-generation (5G) wireless will be a game-changing broadband revolution. Time and time again, their marketing departments have breathlessly insisted that everything from smart cities to next-gen medical care will only be possible through the miracle of 5G connections.
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Hawaii-based restaurant Zippy’s suffered a POS data breach. In addition, Uber executive John Flynn argued that user expectations on data protection are rising, but consumers still aren’t implementing the right precautions for their own data safety.
Researchers have unearthed a fresh new set of ways attackers could potentially exploit data-leaking Spectre CPU vulnerabilities in Intel chips. German publication Heise reported that eggheads are preparing to disclose at least eight new CVE-listed vulnerability reports describing side-channel attack flaws in Chipzilla’s processors.
In the past couple of years, while we have seen a rise in businesses adopting new cyber-security policies, such measures have not been able to curb the rise of malicious malware and cyber-weapons used against healthcare.
Former England international footballer Sol Campbell has hosted a defensive masterclass for small businesses to help them protect themselves against cybercrime. Research by Barclays has found, on average, London businesses have lost over £50,000 each as a result of cybercrime. It also found more than half of London businesses have been targeted by a scam or fraudulent activity, and 24% have had to make staff redundant in order to recoup the money lost.
New research by data security company, Clearswift, has shown that 45% of employees have mistakenly shared emails containing key data with unintended recipients, including personal information (15%), bank details (9%), attachments (13%) and other confidential text (8%).
By Trevor Dolan, Segment Director at Kollective
It’s a great time to work in IT. In 2018, the role of IT is now seen as a key business function rather than a cost cutting one. IT is helping businesses progress in the current digital climate, managing processes so employees can be more productive, and helping innovation thrive. While IT may be at the forefront of all of these processes, one area where it is still falling behind is in the speed at which IT teams can download, test and install software upgrades.
There is an urgent need to find the people that will protect and safeguard businesses, people and their data. In response, a number of banks and financial institutions are investing in their cyber security, particularly personnel. Today, Cyber Security Challenge UK, a non-profit organisation dedicated to inspiring and enabling people to seek careers in the cyber security industry has partnered with the prestigious Bank of England for the launch of its first Face-to-Face cyber security competition of 2018. The competition will test 30 of the brightest untapped talents in the UK to identify the next-generation of cyber security experts.
As I am attending the Cyber Security Event (http://www.cybersecuritysummit.com.br/) running in Sao Paulo Brazil in July 2018 with a presentation entitled ‘Dark Matter’, given the number of recent insecurity debacles which have occurred in the Financial Sector, from Experian to Equifax, from RBS to TSB, and of course not forgetting the high-impact outages which implicated the Bank of England’s (BoE) Chaps Infrastructure in 2017, halting the transactional processing of part of the £277bn which passes through the wired tentacles of the system each day, when it went down for around 10 hours during peak trading hours:
News broke this week that criminals are attempting to trick Airbnb users into handing over passwords and credit card details by taking advantage of the flood of emails being sent out ahead of the new European General Data Protection Regulation. The email included the following message:
When I was little, I discovered the joy of jumping on the bed. While it was fun to jump on the bed, I wanted to make it more challenging so I started to imitate the ski jumpers I had seen during the 1976 Winter Olympics and jump from my parents’ dresser to the bed. I quickly found out there’s a reason why many TV shows and events will start out with the message “don’t try this at home.” I ended up in the emergency room with a fractured left arm.
It’s a (new) weekly update! Lights are in, things are much brighter and… I think it was a bit too bright and the camera was pointed too high. This is all experimentation, folks, and I appreciate everyone’s input as I tune things to try and get a consistent, quality result. Still, as someone said whilst I was mucking around with all this, the audio quality is great and that’s what people are ultimately listening to so that’s a fantastic start. You’ll notice I’ve also changed the video thumbnail and removed the text in the opening frames, I hope that’s an improvement. (Oh yeah – and there’s a 4 min blank spot at the end due to a rogue element in the Premiere project I didn’t clean up – sorry!)
Twitter has warned its 330 million users to immediately change their passwords, as a result of a bug that caused passwords to be logged in plaintext before being hashed. Although Twitter says passwords are stored using the bcrypt hashing algorithm, it seems they were inadvertently placed in an internal log before being hashed.
Reading Time: ~2 min.
The Cyber News Rundown brings you the latest happenings in cybersecurity news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst and a guy with a passion for all things security. Any questions? Just ask.
—–BEGIN PGP SIGNED MESSAGE—–
Ultimately, the FTC is alleging Ohev-Zion and BLU violated the FTC Act’s section pertaining to “deceptive representation regarding disclosure of personal information.” The proposed settlement will be made final after a 30-day public comment period. In its proposed complaint, the FTC said Florida-based BLU contracted with Adups to issue security and operating system updates to millions of phones sold by the firm through Amazon, Best Buy and Walmart. In addition to allegedly failing to protect consumer privacy, the FTC asserts that BLU failed “to adequately assess the privacy and security risks of third-party software installed on BLU devices” resulting in “common security vulnerabilities that could enable attackers to gain full access to the devices.”