The Friday Tech Takeaway - 01.12.17
If you carry at least one known vulnerability, you likely carry more. 51.8% of vulnerable sites carry more than one known security vulnerability. While the majority of those sites carry one or two, the long tail is scary. 9.2% of sites carry libraries with a combined four or more known security vulnerabilities. https://snyk.io/blog/77-percent-of-sites-still-vulnerable/
World's biggest botnet sends 12.5 million emails with Scarab ransomware
A massive malicious email campaign that stems from the world's largest spam botnet, Necurs, is spreading a new strain of ransomware at the rate of over 2 million emails per hour and hitting computers across the globe.
Facebook bug allows anyone to delete your photos
Pouya Darabi, an Iranian web developer, discovered and reported a critical yet straightforward vulnerability in Facebook earlier this month that could have allowed anyone to delete any photo from the social media platform. https://blog.darabi.me/2017/11/image-removal-vulnerability-in-facebook.html
Google detects Android spyware for WhatsApp and Skype calls
Google Play Protect—a security feature that uses machine learning and app usage analysis to check devices for potentially harmful apps—recently helped Google researchers to identify a new deceptive family of Android spyware that was stealing user information. https://security.googleblog.com/2017/11/tizi-detecting-and-blocking-socially.html
New Mirai botnet variant found targeting ZyXEL devices in Argentina
Researchers have discovered an increase in traffic scanning ports 2323 and 23 from hundreds of thousands of unique IP addresses from Argentina in less than a day. The targeted port scans are actively looking for vulnerable internet-connected devices manufactured by ZyXEL Communications using two default telnet credential combinations—admin/CentryL1nk and admin/QwestM0dem—to gain root privileges on the targeted devices.
macOS High Sierra bug lets anyone gain root access without password
If you own a Mac computer and run the latest version of Apple's operating system, macOS High Sierra, then you need to be extra wary. A serious, yet stupid vulnerability has been discovered in macOS High Sierra that allows untrusted users to quickly gain unfettered administrative (or root) control on your Mac without any password or security check, potentially leaving your data at risk. https://thehackernews.com/2017/11/mac-os-password-hack.html
22-year-old hacker pleads guilty to 2014 Yahoo hack, admits helping Russian intelligence
Karim Baratov, a 22-year-old Kazakhstan-born Canadian citizen, has pleaded guilty to hacking charges over his involvement in the massive 2014 Yahoo data breach that affected three billion Yahoo accounts. In March, the US Justice Department announced charges against two Russian intelligence officers (Dmitry Dokuchaev and Igor Sushchin) from Russia's Federal Security Service (FSB) and two hackers (Alexsey Belan and Karim Baratov) for breaking into Yahoo servers in 2014. https://www.justice.gov/opa/pr/canadian-hacker-who-conspired-and-aided-russian-fsb-officers-pleads-guilty
Hackers exploit recently disclosed Microsoft Office bug
A recently disclosed severe 17-year-old vulnerability in Microsoft Office that lets hackers install malware on targeted computers without user interaction is now being exploited in the wild to distribute backdoor malware. First spotted by researchers at security firm Fortinet, the malware has been dubbed Cobalt because it uses a component from a powerful and legitimate penetration testing tool, called Cobalt Strike.
Cryptocurrency mining scripts run after you close your browser
Want to rid your PC of HP bloatware? Here’s how
Multiple HP customers from around the world are reporting that HP has started deploying a form of "spyware" onto their laptops—without informing them or asking their permission. The application being branded as spyware is actually a Windows Telemetry service deployed by HP, called "HP Touchpoint Analytics Client," which was first identified on November 15. https://thehackernews.com/2017/11/hp-computers-telemetry-data.html
Uber lawsuits pile up
On Monday, the city of Chicago and Cook County filed a lawsuit asking the court to fine Uber $10,000 a day for each violation of a consumer's privacy. The suit contends Uber took much too long to report the breach. Then on Tuesday, the Washington State Attorney General filed a consumer protection lawsuit against Uber, asking for penalties of up to $2,000 per violation. The lawsuit alleges that at least 10,888 Uber drivers in Washington were breached, so the lawsuit could result in millions of dollars of penalties.
Russia to launch backup DNS system by August 2018
The Russian government is currently discussing plans to build its own "independent internet infrastructure" that will be used by BRICS member states — Brazil, Russia, India, China, and South Africa. The plan was part of the topic list at the October meeting of the Russian Security Council, and President Vladimir Putin approved the initiative with a completion deadline of August 1, 2018, according to Russian news agency RT (formerly Russia Today). https://www.rt.com/politics/411156-russia-to-launch-independent-internet/