Our security roundup series covers the week’s trending topics in the world of InfoSec. In this quick-read compilation, we’ll let you know of the latest news and controversies that the industry has been talking about recently.
Here’s what you don’t want to miss from the week of October 5, 2015:
- Samsung’s mobile payment system, LoopPay, was hacked earlier this year, only a month before the tech giant acquired the company for more than $250 million. According to The New York Times, a notorious hacking group breached LoopPay’s corporate network back in February; however, the start-up says there has been no indication that the hackers infiltrated Samsung’s systems or that consumer data had been exposed.
- Researchers discovered an advanced attack leveraging the Microsoft Outlook Web App (OWA), which could provide intruders with access to a large number of enterprise credentials, allowing them to gain persistent control over an organization’s environment. Security firm Cybereason warned the attack consisted of a malicious module loaded onto the internet-facing webmail server, giving attackers the ability to record authentication credentials, as well as handing over complete backdoor capabilities.
- Cisco’s Talos Security Intelligence and Research Group announced the disruption of a large ransomware campaign connected to the Angler exploit kit – one of the most sophisticated exploit kits on the market, estimated to have generated more than $30 million in revenue through ransomware attacks. After a deep analysis of the domain activity associated with the adversaries, researchers contacted affected hosting providers to shut down malicious servers, and the company updated its products to prevent redirects to Angler proxies.
“This is a significant blow to the emerging hacker economy where ransomware and the black market sale of stolen IP, credit card info and personally identifiable information (PII) are generating hundreds of millions of dollars annually,” said the researchers.
- Apple said it has removed several apps from its App Store that could potentially be used to monitor information sent to and from iPhones and iPads. An Apple spokesperson stated: “We’ve removed a few apps from the App Store that install root certificates which enable the monitoring of customer network data that can in turn be used to compromise SSL/TLS security solutions.” The move comes shortly after numerous cybersecurity firms reported that dozens, if not thousands, of Chinese apps available on the App Store contained embedded malware.
- California Gov. Jerry Brown signed a privacy bill into law this week requiring the state’s law enforcement agencies to obtain a warrant for online data, including text and email messages, geographical location, as well as files stored remotely on cloud services. Among the bill’s supporters were tech and social media giants Google, Facebook and Twitter.
“For too long, California’s digital privacy laws have been stuck in the Dark Ages, leaving our personal emails, text messages, photos and smartphones increasingly vulnerable to warrantless searches. That ends today with the Governor’s signature of CalECPA, a carefully crafted law that protects personal information of all Californians. The bill also ensures that law enforcement officials have the tools they need to continue to fight crime in the digital age,” said Sen. Mark Leno (D-San Francisco).
- A vulnerability in Netgear routers – which was previously disclosed by researchers – has been publicly exploited. According to Threatpost, an unidentified user notified Compass Security, a firm based in Switzerland, of experiencing router instability. The company found that all DNS queries had been redirected to the attacker’s server. Netgear has yet to release patched firmware but is reportedly working with Compass to address the issue.
- Trump Hotel Collection recently confirmed a credit card breach that occurred over a year-long period, potentially resulting in the theft of credit cards used at its string of luxury hotel properties. The company stated that the breach affects customers who used their credit or debit cards at locations between May 19, 2014, and June 2, 2015.
“Immediately upon learning of a possible incident, we notified the F.B.I. and financial institutions, and engaged an outside forensic expert to conduct an investigation of the incident,” said the company.
“In addition, as part of the investigation, we removed the malware and are in the process of reconfiguring various components of our network and payment systems to further secure our payment card processing systems.”