Week of August 19, 2016


Week of August 19, 2016

80% of All Android Users Are Vulnerable to Hackers Hijacking Their Web Traffic

  • A bug that was first found in version 3.6 of the Linux OS kernel (released in 2012) allows attackers to terminate a device’s connections to servers and applications.
  • The security flaw, which was noted by security firm Lookout on its blog, is worrying because it’s also present in Android KitKat 4.4 and later versions.
  • That means that 80 percent of all Android devices, or about 1.4 billion of them, are affected and vulnerable to attacks.
  • The good news is that the flaw isn’t exactly easy to exploit; it’d take almost a minute to attack a single user, and so it wouldn’t be practical to use this for large swathes of people.
  • The bad news is that this enables a hacker to eavesdrop on your communications without having to compromise the network to do so, i.e. initiate a man-in-the-middle-attack.
  • Google responded that company engineers are aware of the flaw and taking action, so it’s likely a fix will arrive soon.

*Source: The Next Web, August 16, 2016

Hotels Were Infected With Card Data Stealing Malware

  • HEI Hotels & Resorts, which operates hotels for Starwood, Marriott and Hilton among others, has warned customers that their payment card data may have been stolen over the last couple years.
  • The company said criminals had managed to install malware on the payment processing systems in 20 of its hotels, which could have taken customers’ names, card numbers, and expiration dates.
  • The firm said it had since moved its payment card processing to a “stand-alone system that is completely separated from the rest of our network,” and making payments at the hotels was now safe.
  • HEI recommended that customers review their credit and debit card account statements and report any suspicious activity to the cards’ issuers.

Source: Fortune, August 16, 2016

Shadow Brokers Leak Raises Alarming Questions: Was The NSA Hacked?

  • The release on websites this week of what appears to be top-secret computer code that the National Security Agency has used to break into the networks of foreign governments has caused concern inside American intelligence agencies.
  • Most outside experts who examined the posts, by a group calling itself the “Shadow Brokers,” said they contained what appeared to be genuine samples of the code – though somewhat outdated – used in the production of the N.S.A.’s custom-built malware.
  • Most of the code was designed to break through network firewalls and get inside the computer systems of competitors like Russia, China and Iran.
  • Whoever obtained the source code apparently broke into either the top-secret, highly compartmentalized computer servers of the N.S.A. or other servers around the world that the agency would have used to store the files.
  • WikiLeaks declared that it had a full set of the files — it did not say how it had obtained them — and would release them all in the future.
  • The “Shadow Brokers” said they would auction the files off to the highest bidder.

Source: NewYork Times, August 16, 2016

Security Researcher Turns The Tables on Cyber-Scammers

  • Have you ever received a phone call or email from someone trying to scam you with a nonexistent problem with your computer that will be expensive to solve?
  • French security researcher Ivan Kwiatkowski knows how you feel, but he wasn't content with hanging up or uttering a few choice words of reprimand.
  • The tech support scam has been around for the better part of a decade, bilking an estimated 3.3 million people in the US out of more than $1.5 billion in 2015, according to Microsoft.
  • His parents received a warning that their computer was infected with the Zeus virus, and Kwiatkowski decided to have some fun, booting up a virtual machine and calling the tech support number listed.
  • While on the phone with the scammers he offered a series of fake credit card numbers that baffle a team of operators he can hear in the background attempting to charge the accounts.
  • Next he emails a sample of ransomware to the tech support rep, pretending it’s a picture of his credit card.
  • While the ransomware could be considered a nice salvo against scammers, Kwiatkowski says his real goal is to waste their time, making the scamming operation less profitable.

Source: CNET, August 16, 2016

Software Firm Sage Probes Data Breach

  • Around 280 UK businesses may have been impacted in hack using internal computer login.
  • FTSE–listed software company Sage may have suffered a data breach at some point in the past weeks impacting personal details of employees at around 280 UK businesses.
  • The company, which provides accounting and payroll services across 23 countries, has alerted its clients but is unsure whether the information was stolen for misuse or just viewed.
  • An employee has been arrested in connection with the breach; a 32 year old woman was detained at Heathrow Airport, but is currently out on bail.

Source: Dark Reading, August 19, 2016

Clinic Won't Pay Breach Protection For Victims

  • The CEO of a Georgia-based orthopedic clinic told his patients in the wake of a breach last week that the company cannot survive if it pays for credit monitoring services for each of the 200,000 people affected.
  • Athens Orthopedic Clinic (AOC) was hacked in June, but AOC did not discover the breach until almost two weeks later.
  • Hackers had made off with 200,000 records for current and former patients, including names, addresses, Social Security numbers, birth dates, telephone numbers, diagnoses and medical histories.
  • It is believed that the records may be part of documents for sale online by a hacker who uses the name "thedarkoverlord."
  • Breach related costs can soar, especially in the health care industry where the average cost of a breach is $398 per record – that would represent $79 million for AOC.
  • Large companies such as Target are typically able to absorb such costs and keep moving often firing key employees to show changes are being made.
  • Target absorbed $252 million in gross breach-related expenses between 2013 and 2015.
  • While Target and the AOC are in different revenue spheres and business sectors, their breach reports read the same: a hacker infiltrated their network using a credential stolen from a thirdparty vendor.
  • While the hacks may be the same, the consequences are not – the death by breach scenario is real and it’s only going to get worse for companies who don’t find ways to protect themselves.
  • Sixty percent of all online attacks in 2014 targeted small and midsize businesses.

Source: ZDNet, August 16, 2016

Get in Touch With Us!

Are you interested in receiving more information about our products? Do you have questions about sensitive data security? Would you like a demo? Complete the details below and one of our specialists will get in touch with you.

We love to help our customers solve their data security problems. Please tell us about what you are trying to accomplish, details about your environment, and any other information that will help us understand your needs better.

scroll top