Wednesday, May 11, 2016

5/12/16 Weekly News: Locky Disrupted, Equifax Breached, and New Threats to Androids

This week we have several interesting articles to highlight, covering ransomware, data breaches, and smartphone vulnerabilities.


1. Security Week: "Hackers Disrupt Locky Ransomware Campaign"

No one is quite sure how, or even why, but someone has managed to disrupt the dangerous "Locky" ransomware campaign. The Security Week article above reports that when the Locky payload is meant to be downloaded from the attackers' server, a 12kb executable file is now downloaded instead. The file has no valid structure and poses no threat to the systems that download it; apparently it only displays an error message stating: "Stupid Locky." It is likely that white-hat hackers were responsible for this disruption and replaced the real Locky executable with the fake one.

The article warns that this is likely only temporary good news, however. The developers of Locky have been continually improving their ransomware variant, and likely will be able to recreate it. But at least for now, there is a reprieve from this particular attack.

2. Krebs on Security: "Crooks Grab W-2's from Credit Bureau Equifax."

One of the big-three credit bureaus, Equifax, seems to have had another breach of W-2 data. Their website, W-2Express, gives the employees of many businesses the opportunity to view their W-2s online, but apparently comes with vulnerabilities built in for some users. Krebs on Security reported that Kroger employees were the unfortunate victims this time, and any employees who did not log in to change their passwords from the default may have been exposed in the data breach. According to Kroger, the breach does not appear to have come from their systems.

Equifax also does not believe the breach was in their systems, but that the passwords were obtained through other methods. Unfortunately, the W-2Express default password is simply the last 4 digits of an employee's SSN and the 4 digits of their birth year. This information is often fairly simple for many criminals to obtain, and it allowed the breach of even more personal data via the employees' W-2s. Neither party is certain how many individuals were affected by this breach, but it was likely fairly sizable for Kroger to send a letter to all current employees about the incident.

3. CSO Online: "Qualcomm flaw puts millions of Android devices at risk."

As if Android phones did not have enough security risks, a new, major issue in Qualcomm chips has caused further security concerns. CSO Online reported that this vulnerability puts these devices at risk of theft of text messages and call history. The flaw was patched in March, but older Android phones have no access to the patch. Given the number of phones with this flaw, and the number that cannot be updated, millions of Android devices are unfortunately left vulnerable to this exploit.

According to the article, devices running Android KitKat 4.4 and above are less affected by these risks, but may still carry some risk. Any phones running Jelly Bean, KitKat, or Lollipop are exposed to this threat. If you are using a phone with one of these operating systems, it is strongly advised that you check with your phone's manufacturer for a patch for the vulnerability, tracked as CVE-2016-2060.


That's all for this week. Check back next week for more news on information security. And if you want more information on how Astria Business Solutions can assist you in meeting your business' information security goals, visit our website at AstriaBiz.com
