Our security roundup series covers the week’s trending topics in the world of InfoSec. In this quick-read compilation, we’ll let you know about the latest news and controversies that the industry has been talking about recently.
Here’s what you don’t want to miss from the week of September 28, 2015:
- A massive data breach at Experian – one of the largest credit reporting bureaus in the US – has led to the exposure of the personal information of more than 15 million T-Mobile consumers. In a letter addressed to customers, the mobile carrier stated that the records accessed included names, addresses, birthdates, as well as encrypted fields with Social Security numbers and driver’s licenses or passport numbers. T-Mobile CEO John Legere responded in a statement:
“Obviously I am incredibly angry about this data breach and we will institute a thorough review of our relationship with Experian, but right now my top concern and first focus is assisting any and all consumers affected.”
- Retail brokerage firm Scottrade Inc. also disclosed a breach this week involving contact information and possibly Social Security numbers of approximately 4.6 million customers, according to security journalist Brian Krebs. The company said it was alerted by federal law enforcement about crimes involving the theft of information from Scottrade in addition to other financial services firms. “Importantly, we have no reason to believe that Scottrade’s trading platforms or any client funds were compromised,” said the company.
- A 22-year-old Russian man responsible for distributing and installing the notorious Citadel banking Trojan has been sentenced to four and a half years in prison. According to the Federal Bureau of Investigation, Dimitry Belorossov, also known as Rainerfox, pleaded guilty last year to conspiracy to commit computer fraud. In addition to time in prison, Belorossov was ordered to pay more than $322,000 in restitution, and was placed on supervised release for three years.
- A security researcher disclosed a critical flaw in WinRAR – a popular Windows unzipping tool used for decompressing .ZIP, .RAR and .7Z files. The vulnerability is said to affect the latest version of the software, causing it to execute arbitrary code as a user unzips an SFX archive. The flaw was given a score of 9.2 on the CVSS scale.
- A group of security researchers discovered a Linux-based botnet that is reportedly capable of launching distributed denial-of-service (DDoS) attacks of over 150 gigabits per second, taking many of its victims completely offline. Akamai’s Security Intelligence Response Team reported the network – known as XOR DDoS Botnet – targets more than 20 websites per day, with the gaming sector being the primary target, followed by educational institutions. The researchers said the malware spreads via Secure Shell (SSH) services susceptible to brute-force attacks due to weak passwords.
- More than one billion Android phones and devices are vulnerable to a new set of Stagefright bugs, warned researchers at mobile security firm Zimperium. Dubbed Stagefright 2.0, the two vulnerabilities manifest when processing specially crafted MP3 audio or MP4 video files, allowing attackers to execute malicious code. The first vulnerability impacts devices running outdated versions (as far back as 1.0), while the second vulnerability affects devices running more recent versions (up to 5.0).
- According to IBM, the UK’s financial services sector is seeing a spike in banking Trojan attacks from two families connected with the Zeus Trojan: Sphinx and Kronos. Researchers claim the Sphinx malware is actively attacking financial institutions in the wild, including several major UK banks and one Polish bank. Meanwhile, Kronos appears to have recently reemerged, showing “no technical advancements but a change in turf that [also] focuses on UK banks,” said IBM.