Saturday, December 15, 2018


Weekly Update 117

Presently sponsored by: Netsparker - a scalable and dead accurate web application security solution. Scan thousands of web applications within just hours. I'm in Whistler! And as I say at the start of this video, I did seriously consider having...

‘Bomb threat’ scammers are now threatening to throw acid on victims

Bomb threat extortion campaign yielded less than $1 for the spammers.
The Register

Brazil bested by hackers, Virgin plugs hub bugs, and France surrenders… records

Plus, Talos critical of flawed message apps. It was a pretty hectic security week, between the Sharpshooter malware attack, a massive Patch Tuesday, and yet another Facebook privacy fail.…
Darknet Diaries

Ep 28: Unit 8200

Israel has their own version of the NSA called Unit 8200. I was curious what this unit does and tried to take a peek inside. Hear what I found by listening along to this episode. This episode was sponsored by...
The Hacker News

Critical SQLite Flaw Leaves Millions of Apps Vulnerable to Hackers

Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as 'Magellan' by Tencent's Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary...
The CyberWire Podcast

The Sony hack and the perils of attribution — Research Saturday

Researchers at Risk Based Security took a detailed look back at the 2014 Sony hack, comparing analysis that occurred while the facts were still unfolding with what we know, today. There are interesting lessons to be learned, especially when...
The Register

‘Bomb threat’ scammers linked to earlier sextortion campaign

Scare tactic efforts may be the work of a single group. Yesterday's 'bomb scare' spam campaign may have been a follow-up to another infamous email extortion effort.…

SQLite bug impacts thousands of apps, including all Chromium-based browsers

New 'Magellan' vulnerability will haunt the app ecosystem for years to come.
PC Mag

Thursday’s Email Bomb Threat Has Ties to Earlier ‘Sextortion’ Scam

The mass email bomb threat on Thursday that turned out to be a hoax was likely perpetrated by a group of spammers who have also been scamming people with an email 'sextortion' scheme, according to Cisco's Talos security group.
The Register

Scumbag hackers lift $1m from children’s charity

Utter asshats pull seven-figure heist on Save the Children Foundation. A group of criminal asswipes have managed to steal $1m from the Save the Children Foundation.…

Email Bomb Threats Follow Sextortion Playbook

Yesterday's wave of email bomb threats appears to be an evolution of tactics by the same groups that earlier tried "sextortion" and personal threats, Talos researchers say.

How to protect Windows 10 PCs from ransomware

CryptoLocker. WannaCry. Petya. Bad Rabbit. The ransomware threat isn’t going away anytime soon; the news brings constant reports of new waves of this pernicious type of malware washing across the world. It’s popular in large part because of the...
SC Magazine

Sextortion gang found to be behind email bomb threat spree

Cisco Talos believes it has tied a recent wave of emailed bomb threats to the same group that was conducting a sextortion campaign earlier this year, and revealed that the most recent campaign was a financial bust for the malicious...

Best security software: How 25 cutting-edge tools tackle today’s threats

Threats are constantly evolving and, just like everything else, tend to follow certain trends. Whenever a new type of threat is especially successful or profitable, many others of the same type will inevitably follow. The best defenses need to...
SC Magazine

Malicious document builder LCG Kit a key component in recent phishing campaigns

Researchers at Proofpoint have uncovered a sophisticated tool commonly used by malicious actors to build weaponized documents for phishing campaigns. Dubbed LCG Kit, the service has helped small crime groups create docs capable of spreading a variety of remote access...
The CyberWire Podcast

False flags and real flags. ISIS claims the Strasbourg killer as one of its soldiers. A bogus bomb threat circulates by email.

In today’s podcast, we hear about false flag cyberattacks that mimic state actors, especially Chinese state actors. Chinese intelligence services are prospecting US Navy contractors. Russia’s Fancy Bear continues its worldwide phishing campaign. ISIS claims the career criminal responsible...
OWASP Podcast

The DevSecOps Unicorn Rodeo w/ Stefan Streichsbier

Stefan Streichsbier talks about his chapter, "Unicorn Rodeos", in the just released book, "Epic Failures in DevSecOps". We start with where did the chapter name come from and what does it mean, then lead into his three main points...
SC Magazine

Magecart-style credit card sniffer spotted for sale, online retailers beware

Online retailers should be on high alert for attacks carried out by a Magecart-style credit card sniffing tool similar to the one used to carry out the British Airways and Ticketmaster hacks. Armor researchers are warning retailers after spotting the...
The Register

Stop us if you’ve heard this one: Facebook apologizes for bug leaking private photos

Data gathering biz still having trouble keeping data secure. Facebook on Friday apologized for a bug that may have exposed private photos to third-party apps for the 12-day period from September 13 to September 25, 2018.…

Iranian Hackers Target Nuclear Experts, US Officials

Hackers ramp up efforts to infiltrate email accounts of Americans responsible for enforcing severe economic sanctions on Iran.
SC Magazine

Report: Boomoji app developer leaves customer data exposed on open database

The developers of make-your-own-avatar app Boomoji reportedly neglected to password-protect two of their internet-connected databases, thus publicly exposing the personal data of roughly 5.3 million users. The wide-open databases, from Elasticsearch, stored users’ names, genders, countries and phone types all...
PC Mag

‘Donald’ Makes It on Annual Worst Passwords List

The President's first name came in as the 23rd most frequently used password, behind old favorites such as 'monkey' and 'qwerty,' according to data compiled by password management provider SplashData.
SC Magazine

Google Keystore feature looks to improve Android Pie security

Google is boosting Android Key security for mobile apps with new Keystore features to improve the safety of devices running Android Pie. The Android Keystore provides application developers with cryptographic tools designed to secure user data and Android Pie is...
SC Magazine

Ransomware strikes University of Maryland Medical System

The University of Maryland Medical System was hit with a ransomware attack earlier this week that affected a small number of its medical devices offline. About 250 of the system’s 27,000 devices were impacted by the attack, The Baltimore Sun...


International email bomb hoax proves to be a spectacular failure

Authorities in the United States, Canada, Australia, and New Zealand are said to be investigating a wave of bogus bomb threats that have been sent to a variety of organisations late on Thursday. But if the hoaxer thought they were...
Bruce Schneier

Real-Time Attacks Against Two-Factor Authentication

Attackers are targeting two-factor authentication systems: Attackers working on behalf of the Iranian government collected detailed information on targets and used that knowledge to write spear-phishing emails that were tailored to the targets' level of operational security, researchers with security...

2018 – a year of data breaches in review

Week after week, month after month, 2018 saw organisations and companies struck by massive and damaging data breaches, putting the personal details of innocent members of the public at risk. Read more in my article on the Bitdefender Business Insights...
Bruce Schneier

Friday Squid Blogging: More Problems with the Squid Emoji

Piling on from last week's post, the squid emoji's siphon is in the wrong place. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting...