There’s a lot that happens in the security world, with many stories getting lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week.

Hard Rock Las Vegas Confirms Credit Card Breach

Recently, the Hard Rock Cafe in Las Vegas issued a statement regarding the unauthorized access to its card processing systems, confirming that a breach had occurred and that affected customers from the last 9 months. The resort has since been in contact with customers that may have been affected by any fraudulent activity and are working to determine how the breach was carried out.

https://threatpost.com/hard-rock-las-vegas-noodle-and-co-confirm-hacks/118966/

Auto-rooting Malware? There’s An App For That!

In the past week, researchers have identified a new app on the Google Play marketplace that, once installed, will give itself root access to the device and begin installing new apps without any user interaction. The app, called ‘LevelDropper’, appears to be a simple horizontal leveling app, but once it’s active on the device with elevated permissions, it allows for attackers to install numerous other apps in order to increase ad revenue per installation.

https://threatpost.com/google-play-hit-with-rash-of-auto-rooting-malware/118938/

CCTV Botnet Used to DDoS Jewerly Shop

While stories of DDoS attacks targeting banks and other financial institutions are quite common these day, using a botnet comprised solely of hacked CCTV security cameras to attack a jewelry store website seems a bit out of place. The botnet in question is currently in control of over 25,000 cameras across at least 100 different countries. At this strength, it was capable of sending over 50,000 requests per second, rendering the jewelry site completely inaccessible.

http://arstechnica.com/security/2016/06/large-botnet-of-cctv-devices-knock-the-snot-out-of-jewelry-website/

Microsoft Loses Lawsuit Over Windows 10

With the deadline for the free Windows 10 upgrade only a few weeks away, some users who have been automatically updated to the latest Microsoft OS are less-than-pleased with it. One such case is a travel agent in California who went to court seeking restitution for her lost revenue and the cost of a new computer after the automatic Windows 10 upgrade failed and caused her computer to become unusable. Microsoft declined to appeal the case and the resulting judgement cost them $10,000.

http://www.seattletimes.com/business/microsoft/microsoft-draws-flak-for-pushing-windows-10-on-pc-users/?utm_source=twitter&utm_medium=social&utm_campaign=article_left_1.1

NASCAR Team Hit With Ransomware Prior to Race

In a time where ransomware is running rampant, it comes as no surprise that one of the highest grossing entertainment events in the world would enter the crosshairs of cybercriminals. Shortly before the race at Texas Motor Speedway in April, the Circle-Sport Leavine Family Racing team was hit with the TeslaCrypt ransomware variant that effectively shut down their 3-computer system, and almost cost them years of time and money spent on racing technology. The team paid the $500 ransom in bitcoins and was able to successfully decrypt their computers in time for race start.

https://www.helpnetsecurity.com/2016/06/27/nascar-team-victim-ransomware/

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This