Latest News
Iain Thomson / The Register
NSA’s DOUBLEPULSAR Backdoor Infecting Thousands of Machines in ‘Bloodbath’

One of the NSA’s elite hacking tools dumped by the Shadow Brokers a week ago, named DOUBLEPULSAR, is infecting unpatched or deprecated Windows machines at such a rapid rate that one security pro, Dan Tentler of Phobos Group, is calling it a “bloodbath,” one of the more polite terms he applied to the rapid spread of this malware. DOUBLEPULSAR is a backdoor which can allow attackers to run malicious code on the machine and is installed using another dumped NSA exploit, ETERNALBLUE. DOUBLEPULSAR attacks SMB file-sharing services on Windows XP to Server 2008 R2. An estimated 15,000 to 41,000 unpatched machines have been infected by DOUBLEPULSAR based on Shodan scans and the number continues to grow. Patches are available for DOUBLEPULSAR but the relevant machines haven’t been patched.
Matt Weaver / The Guardian
Teen Hackers See Hacking as ‘Moral Crusade,’ Money Not a Big Factor

Teen hackers are not motivated by financial reasons when they take up the hacking game but rather are spurred by idealism and a sense of a “moral crusade,” according to a study by the UK’s National Crime Agency. The law enforcement agency interviewed teen hackers, some as young as twelve, and found they were unlikely to be involved in older hacker crimes such as theft, fraud or harassment. The report also found that free hacking tools found on the web and gaming websites and forums serve as gateways into hacking activities for young people.
Dan Goodin / Ars Technica
The Windows .LNK Bug Used in Stuxnet is Still the Most Widely Exploited Bug

The by-now famous and long-patched .LNK bug which was used in the Stuxnet attack against Iran’s nuclear facilities in 2008 was the most exploited vulnerability in 2015 and 2016, according to Kaspersky Lab. In 2015, 27% of Kaspersky users who encountered any exploit were exposed to the bug, while in 2016 that figure dipped to 24.7% but still remained the top exploited bug. The bug is exploited by a contaminated USB stick and resides in .LNK files Windows uses to display icons when a USB stick is connected to a PC.
Cyrus Farivar / Ars Technica
Lawsuit Says Trump Team’s Favorite Messaging App Confide is Insecure

A Michigan man, Jeremy Auman, has filed a civil suit against Confide, a supposedly secure messaging app that is popular among Trump staffers, alleging that the app fails to protect the confidentiality of its messages. Auman states that the app isn’t secure when run on a desktop computer, which threatens the entire Confide user base because even if users send messages via the mobile app, they can’t be aware of whether the recipients are using the desktop version or the mobile version. Confide contends the accusations in the complaint are without merit.
Andy Greenberg / Wired
U.S. Considering Possible Criminal Charges Against Wikileaks’ Julian Assange

Despised by many people across the political spectrum, hacktivist culture leader and Wikileaks founder Julian Assange may soon face criminal charges from the U.S. Justice Department for publishing classified information, sources familiar with the case say. Among the charges contemplated by prosecutors are conspiracy, theft of government property or violating the Espionage Act, although it’s not clear which episode of Wikileaks’ activity will be covered by the charges. Over the past two months, Wikileaks published a number of illegally obtained documents related to CIA hacking tools, known as the Vault 7 release, but the group’s activities under consideration for possible charges include involvement in the leaks of 250,000 State Department communications, known as Cablegate, or acting as a “laundering” outlet for state-backed Russian hackers who sought to swing the U.S. presidential election in favor of Donald Trump. Whatever charges may be filed against Assange, consensus among First Amendment specialists holds that any prosecution against him might damage freedom of the press for all journalistic outlets in the U.S.
Danny Palmer / ZDNet
Location Tracking Malware Was Undetected in Google Play Store for Three Years

Android malware capable of tracking users’ locations remained undetected for three years in the Google Play Store and was downloaded between one and five million times from 2014 to 2017, researchers at security firm ZScaler discovered. The SMSVova Android spyware posed as a system update in the Play Store, promising to give users the latest Android system updates. Instead, after displaying an install error message, the malware set up something called MyLocationService to fetch the last known location of the user and set it up in Shared Preferences. After initiation via an SMS message, the malware sent the device location to attackers, although the reasons why attackers wanted the location information are not clear.
Joe Uchill / The Hill
Ron Wyden Pushes for Senate to Improve Its Cybersecurity Practices

Senator Ron Wyden (D-OR) sent a letter to the Senate Committee on Rules and Administration’s leadership urging them to adopt “basic cybersecurity practice” to protect Senate digital assets. In the letter, Wyden specifically asked for the Senate to adopt two-factor authentication to log into networks and widespread adoption of identification cards with smart chips, which can serve as another kind of two-factor authentication. Currently, staffers’ ID cards have a picture of a smart chip as opposed to a real smart chip.
Cybersecurity Events
| Date | Event | Location | Country |
| --- | --- | --- | --- |
| Jan. 7-10 | Flocon | New Orleans, LA | USA |
| Jan. 18-20 | ShmooCon | Washington, DC | USA |
| Jan. 21-26 | SANS Miami | Miami, FL | USA |
| Jan. 21-28 | Cyber Threat Intelligence Summit | Arlington, VA | USA |
| Jan. 26 | BSides Long Island | Glen Head, NY | USA |
| Jan. 28-30 | Enigma 2018 | Burlingame, CA | USA |
| Feb. 15-16 | OffensiveCon | Berlin | Germany |
| Feb. 25-Mar. 3 | Open-Source Intelligence Summit | Alexandria, VA | USA |
| Mar. 1-2 | Nullcon | Goa | India |
| Mar. 10 | BSides San Jose 2018 | San Jose | Costa Rica |
| Mar. 13-14 | Tactical Edge | Bogota | Colombia |
| Mar. 18-22 | TROOPERS19 | Heidelberg | Germany |
| Mar. 26-29 | BlackHat Asia | Singapore | Singapore |
| Apr. 11-12 | CypherCon | Milwaukee, WI | USA |
| Apr. 16-19 | LocoMocoSec | Kauai, Hawaii | USA |







