A lot happens in the security world, some big and some small, and many stories get lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot ThreatBrief, highlighting 5 major security news stories of the week.
Indian Banks Hit with Ransomware
Recently, several Indian banks were infiltrated by an unknown hacker, who used this access to launch a ransomware attack. Using LeChiffre, a manually-executed ransomware program, the hacker was able to encrypt the already infected machines, and set a ransom of 1 Bitcoin (currently worth ~$400 USD). Though not meant to be used in a large-scale malware distribution campaign, hundreds of bank computers were infected, with several top bank executives paying the ransom. A decryptor for LeChiffre is available; though only useful for version 2.6.
New Technology Leads to Car Issues
With the improvements in vehicle technology, there is bound to be a rise in exploitable vulnerabilities. Using the existing OBD II ports in consumer vehicles, researchers were able to wirelessly gain access to the system network and make changes to critical components. Unfortunately, these issues are industry-wide and the automakers are playing catch-up to a whole string of problems that were previously nonexistent. This is only the beginning of a long road for car companies, in terms of keeping ahead of these issues.
Read More: http://time.com/4195332/hacking-cars-security/
PayPal Resolves Java Exploit
This week, it was found by an independent researcher, that there was a critical bug in PayPal’s servers. The bug allowed access to databases used by the PayPal app, which gave the attacker access to information that had been deserialized for communication between various programs. Using the information that was gathered, the attacker could then drop a malicious payload onto the servers, and gain further access to sensitive information.
Read More: https://nakedsecurity.sophos.com/2016/01/27/critical-java-bug-found-in-paypal-servers/
Android Ransomware Evolving
Ransomware is nothing new for the Android OS, and now there have been updates that can allow a fake screen overlay to be created over an administrator access dialog box, with the user then clicking on the fake button and unknowingly giving full access to the malicious software. Fortunately for most Android users, the multiple dialog boxes that are being exploited have been changed with Android 5.0, to no longer display above system dialog messages.
Payment Data Security Needs Update
A survey was recently completed that asked 3,700 IT security professionals, in several different industries, questions covering their data security policies and actual practices. Over half of those surveyed stated that they had no idea where some of their customer data was stored, while a similar number allowed third-party access to customer payment data, with no multi-factor authentication required. Hopefully, with the rise in data breaches over the last year, many of these companies will strive to improve payment data to better protect themselves and their customers.
Read More: http://www.net-security.org/secworld.php?id=19369