31st August 2018 AVIEN resource updates

Updates to Anti-Social Media 

Tomáš Foltýn for ESET: Instagram expands 2FA and account verification – “The move is part of a three-pronged plan that is intended to bolster user trust and safety on the photo-sharing platform”

Brian Krebs: Instagram’s New Security Tools are a Welcome Step, But Not Enough – “…Unfortunately, this welcome new security offering does nothing to block Instagram account takeovers when thieves manage to hijack a target’s mobile phone number…”

Raj Samani (McAfee) for Help Net: The anatomy of fake news: Rise of the bots

Updates to Cryptocurrency/Crypto-mining News 

ZDNet: Bitfi finally gives up claim cryptocurrency wallet is unhackable – ‘On Twitter, the company posted a statement which said the company had hired external help in the form of a “Security Manager” who is “confirming vulnerabilities that have been identified by researchers.” “Effective immediately, we will be removing the “Unhackable” claim from our branding which has caused a significant amount of controversy,” the company added.’

Talos: Rocke: The Champion of Monero Miners – “Rocke actively engages in distributing and executing cryptomining malware using a varied toolkit that includes Git repositories, HttpFileServers (HFS), and a myriad of different payloads, including shell scripts, JavaScript backdoors, as well as ELF and PE miners.”

ThreatPost: New Threat Actor ‘Rocke’: A Rising Monero Cryptomining Menace – “Researchers at Cisco Talos, who discovered the threat actor they call “Rocke”, said they have been tracking the adversary since April as it continues to plant various Monero miners on vulnerable systems. … “Rocke will continue to leverage Git repositories to download and execute illicit mining onto victim machines,” the research team said in a post Thursday.”

The Register: Cryptojacking isn’t a path to riches – payout is a lousy $5.80 a day – “Hackers shouldn’t quit their day scams if they want to eat…Cryptojacking, the hijacking of computing resources to mine cryptocurrency, turns out to be both relatively widespread and not particularly profitable, according to a paper published by code boffins from Braunschweig University of Technology in Germany.” The paper is here. 

Updates to Ransomware Recovery and Prevention and Specific Ransomware Families and Types

Decrypter for RansomWarrior [sic] from Checkpoint: Ransom Warrior Decryption Tool

Updates to GDPR page

The Register: Fear mongers forced to eat shorts over spam swamping claims – “GDPR and no Whois hasn’t caused catastrophe…Researchers at Recorded Future have been tracking spam through Cisco’s Talos reporting system and have concluded that GDPR has had zero impact on online problems.”

Updates to Internet of (not necessarily necessary) Things

[Many of the Things that crop up on this page are indeed necessary. But that doesn’t mean that connecting them to the Internet of Things (or even the Internet of Everything) is necessary, or even desirable, given how often that connectivity widens the attack surface.]

Help Net: Old “Misfortune Cookie” flaw opens medical gateway and devices to attack summarizes this article from CyberMDX: CyberMDX Discovers Vulnerability in Qualcomm Life’s Capsule Datacaptor Terminal Server (DTS)

See also

Updates to Mac Virus

Nightwatch Security: Sensitive Data Exposure via WiFi Broadcasts in Android OS [CVE-2018-9489] – “System broadcasts by Android OS expose information about … WiFi network name, BSSID, local IP addresses, DNS server information and the MAC address.”

Commentary by TechRepublic: Android ‘API breaking’ vulnerability leaks device data, allows user tracking 

Sophos: Hacked stalking app reveals victims’ photos, texts and location info – “TheTruthSpy sells an iOS and Android app that enables someone to spy on someone else’s phone. The software is not available on official app stores and has to be installed on a jailbroken iPhone or via an alternative source on an Android phone.”

Ionut Ilascu for Bleeping Computer: Unsophisticated Android Spyware Monitors Device Sensors – “Tagged BusyGasper by security experts at Kaspersky, the malware stands out through its ability to monitor the various sensors present on the targeted phone. … Kaspersky’s Alexey Firsh writes in the analysis.”

David Harley
