CyberSecurity Pulse 2016-12-1
“A man is but the product of his thoughts. What he thinks, he becomes.”
Mahatma Gandhi
Analyst Insight
Don't Put Your Health and Your Pocket at Risk over the Upcoming Christmas Holidays
Europol, the European law enforcement agency, aims to halt the activity of online scammers who sell fake products from well-known brands. To that end, the organization has conducted a massive crackdown against websites offering counterfeit products as part of the campaign dubbed "Don’t F***(AKE) Up". Authorities have already shut down more than 4,500 websites that criminal organizations used to sell several types of products, including "luxury goods, sportswear, spare parts, electronics, pharmaceuticals, toiletries" and many others.
These products, which may not comply with the minimum safety standards applicable in the European market and could also harm buyers' health, have been targeted by cybercriminals in recent days to launch potentially fraudulent campaigns. So keep taking the precautions recommended for Black Friday, and be prepared for the new campaigns that may take place in the coming weeks before jumping at any irresistible new offer.
» More information at Security Affairs
Top Stories
Ransomware Locks Up San Francisco Public Transportation Ticket Machines
Computer systems at San Francisco’s transit system, Muni, have been restored following a malware attack on Friday afternoon. Payment systems across the agency’s subways read "out of order" in large red digital letters at Powell Station, Embarcadero Station and other stations across the city following the attack. Meanwhile, one person who may have spread the malware which disabled Muni computers said they want $73,000 as ransom in exchange for captured transit agency data (allegedly, around 30 GB of information), the San Francisco Examiner has learned. It is still unclear how many computer systems at San Francisco Municipal Transportation Agency (SFMTA) remain compromised, and how many have been restored to working order.
» More information at The San Francisco Examiner
Researchers Show How to Steal Tesla Car by Hacking into Owner's Smartphone
Hacking connected cars is nothing new for security researchers. This time, researchers at Norway-based security firm Promon have demonstrated how easy it is for hackers to steal Tesla cars through the company's official Android application, which many car owners use to interact with their vehicle. Promon researchers explained that the Tesla app generates an OAuth token when a Tesla owner logs in to the Android app for the first time. The app then uses this token instead of requiring the username and password every time the owner re-opens the app. This OAuth token is stored in plain text in the device’s system folder, which can be accessed only by the privileged root user.
» More information at The Hacker News
Rest of the Week's News
Personal Information of More Than 134,000 Sailors Exposed on a Contractor's Laptop
The US Navy has acknowledged that up to 134,386 full names, Social Security numbers and several other sensitive details may have been accessed by an unknown actor from a contractor's laptop. According to the chief of naval personnel, the Navy is already investigating the incident, although there is no evidence yet that the information has been misused.
» More information at Federal News Radio
An Upgraded Version of Mirai Targets Zyxel Routers
After the release of the Mirai botnet's source code some weeks ago, a researcher at the SANS Technology Institute has identified a new wave of attacks targeting Zyxel routers by taking advantage of a flaw in the SOAP service found in several of the company's routers. Deutsche Telekom has stated that the problem may have affected up to 900,000 customers since last Sunday.
» More information at Computer World
Firefox 0-day Exploit Used To Deanonymise Tor Users
Several Tor Project officials have warned about a Firefox 0-day exploit that has reportedly been used to run arbitrary code on the systems of those running Windows versions of Tor Browser Bundle, which is a modified version of Firefox configured to connect through the Tor network. Users should update their Tor Browser Bundle as soon as possible to get the latest Tor release and avoid being vulnerable to this type of attack when using Tor (or Firefox).
» More information at Tor Project
Further Reading
Pentagon: Looking for a Few Good Hackers
» More information at The New York Times
Google to Fund 10K Android Developer Scholarships
» More information at SC Magazine
GCHQ Presents CyberChef, an Open Source Data Analysis Tool
» More information at Security Affairs