80% of All Android Users Are Vulnerable to Hackers Hijacking Their Web Traffic
- A bug that was first found in version 3.6 of the Linux OS kernel (released in 2012) allows attackers to terminate a device’s connections to servers and applications.
- The security flaw, which was noted by security firm Lookout on its blog, is worrying because it’s also present in Android KitKat 4.4 and later versions.
- That means that 80 percent of all Android devices, or about 1.4 billion of them, are affected and vulnerable to attacks.
- The good news is that the flaw isn’t exactly easy to exploit; it’d take almost a minute to attack a single user, and so it wouldn’t be practical to use this for large swathes of people.
- The bad news is that this enables a hacker to eavesdrop on your communications without having to compromise the network to do so, i.e. without initiating a man-in-the-middle attack.
- Google responded that company engineers are aware of the flaw and taking action, so it’s likely a fix will arrive soon.
Source: The Next Web, August 16, 2016
Hotels Were Infected With Card Data Stealing Malware
- HEI Hotels & Resorts, which operates hotels for Starwood, Marriott and Hilton among others, has warned customers that their payment card data may have been stolen over the last couple of years.
- The company said criminals had managed to install malware on the payment processing systems in 20 of its hotels, which could have taken customers’ names, card numbers, and expiration dates.
- The firm said it had since moved its payment card processing to a “stand-alone system that is completely separated from the rest of our network,” and that making payments at the hotels was now safe.
- HEI recommended that customers review their credit and debit card account statements and report any suspicious activity to the cards’ issuers.
Source: Fortune, August 16, 2016
Shadow Brokers Leak Raises Alarming Questions: Was The NSA Hacked?
- The release on websites this week of what appears to be top-secret computer code that the National Security Agency has used to break into the networks of foreign governments has caused concern inside American intelligence agencies.
- Most outside experts who examined the posts, by a group calling itself the “Shadow Brokers,” said they contained what appeared to be genuine samples of the code – though somewhat outdated – used in the production of the N.S.A.’s custom-built malware.
- Most of the code was designed to break through network firewalls and get inside the computer systems of competitors like Russia, China and Iran.
- Whoever obtained the source code apparently broke into either the top-secret, highly compartmentalized computer servers of the N.S.A. or other servers around the world that the agency would have used to store the files.
- WikiLeaks declared that it had a full set of the files — it did not say how it had obtained them — and would release them all in the future.
- The “Shadow Brokers” said they would auction the files off to the highest bidder.
Source: New York Times, August 16, 2016
Security Researcher Turns The Tables on Cyber-Scammers
- Have you ever received a phone call or email from someone trying to scam you with a nonexistent problem with your computer that will be expensive to solve?
- French security researcher Ivan Kwiatkowski knows how you feel, but he wasn't content with hanging up or uttering a few choice words of reprimand.
- The tech support scam has been around for the better part of a decade, bilking an estimated 3.3 million people in the US out of more than $1.5 billion in 2015, according to Microsoft.
- His parents received a warning that their computer was infected with the Zeus virus, and Kwiatkowski decided to have some fun, booting up a virtual machine and calling the tech support number listed.
- While on the phone with the scammers, he offered a series of fake credit card numbers that baffled a team of operators he could hear in the background attempting to charge the accounts.
- Next, he emailed a sample of ransomware to the tech support rep, pretending it was a picture of his credit card.
- While the ransomware could be considered a nice salvo against scammers, Kwiatkowski says his real goal is to waste their time, making the scamming operation less profitable.
Source: CNET, August 16, 2016
Software Firm Sage Probes Data Breach
- Around 280 UK businesses may have been impacted in a hack that used an internal computer login.
- FTSE-listed software company Sage may have suffered a data breach at some point in recent weeks, impacting personal details of employees at around 280 UK businesses.
- The company, which provides accounting and payroll services across 23 countries, has alerted its clients but is unsure whether the information was stolen for misuse or just viewed.
- An employee has been arrested in connection with the breach; a 32-year-old woman was detained at Heathrow Airport, but is currently out on bail.
Source: Dark Reading, August 19, 2016
Clinic Won't Pay Breach Protection For Victims
- The CEO of a Georgia-based orthopedic clinic told his patients in the wake of a breach last week that the company cannot survive if it pays for credit monitoring services for each of the 200,000 people affected.
- Athens Orthopedic Clinic (AOC) was hacked in June, but AOC did not discover the breach until almost two weeks later.
- Hackers had made off with 200,000 records for current and former patients, including names, addresses, Social Security numbers, birth dates, telephone numbers, diagnoses and medical histories.
- It is believed that the records may be part of documents for sale online by a hacker who uses the name "thedarkoverlord."
- Breach-related costs can soar, especially in the health care industry, where the average cost of a breach is $398 per record – that would represent $79 million for AOC.
- Large companies such as Target are typically able to absorb such costs and keep moving, often firing key employees to show changes are being made.
- Target absorbed $252 million in gross breach-related expenses between 2013 and 2015.
- While Target and the AOC are in different revenue spheres and business sectors, their breach reports read the same: a hacker infiltrated their network using a credential stolen from a third-party vendor.
- While the hacks may be the same, the consequences are not – the death-by-breach scenario is real and it’s only going to get worse for companies that don’t find ways to protect themselves.
- Sixty percent of all online attacks in 2014 targeted small and midsize businesses.
Source: ZDNet, August 16, 2016