Friday, April 1, 2016

This Week in Security News


Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.

Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!

 

Tax Day Extortion: PowerWare Crypto-Ransomware Targets Tax Files

Tax Day draws closer in the U.S., and as millions of Americans file their taxes, cybercriminals are stepping in to make this task profitable for themselves and difficult for their victims. PowerWare is a new crypto-ransomware that abuses Windows PowerShell for its infection routine. Apart from encrypting the files commonly targeted by ransomware, PowerWare also targets tax return files created by tax filing programs.

Ransomware Is Hitting Dozens Of Healthcare Organizations

On Tuesday night, MedStar Health announced that some of its hospital systems had been hit with ransomware. This is yet another in a string of file-encrypting malware attacks against healthcare organizations in 2016. “Ransomware is a growing trend in the criminal underground because it is so profitable,” Mark Nunnikhoven told iDigitalTimes. “When your job is on the line and critical data at stake, it’s tempting to pay the ransom, but this only makes you a bigger target.”

Critical Vulnerability Allows Permanent Rooting of Most Android Phones

On March 18, Google published a security advisory for a critical vulnerability, CVE-2015-1805, that applied to rooting apps. This bug allows malicious apps to gain “root” access to all Android phones with a kernel version below 3.18. This can greatly affect devices that no longer receive patches, or those with long rollout times.

New Remote Root Vulnerability Impacts HID Door Controllers

If you’ve ever been inside an airport, university campus, hospital, government complex, or office building, you’ve probably seen one of HID’s brand of card readers standing guard over a restricted area. A new command injection vulnerability exists in this function due to a lack of any sanitization on the user-supplied input that is fed into the system.

FBI Finally Hacks iPhone, Ending Court Battle with Apple

Apple’s battle with the FBI is over — at least for now. The U.S. Department of Justice said Monday that investigators were able to use a new technique to hack into an iPhone that was used by San Bernardino gunman Syed Farook. As a result, the government “no longer requires the assistance from Apple” to break into the phone — and is dropping its efforts to compel Apple to crack its own iPhone encryption against its will.

Chinese scammers take Mattel to the bank, Phishing them for $3 million

Mattel, the popular toy maker behind Barbie and Hot Wheels, was the victim of a phishing attack last year that nearly cost them $3 million. The only thing preventing a total loss was a mixture of timing and luck, because the day following the attack happened to be a banking holiday in China.

Obama Extends Executive Order for Cyber Sanction Powers

On Tuesday, President Obama extended the duration of the economic sanctioning powers that were put in place last year to deal with the increasing number of cyber attacks against the U.S. In April 2015, President Obama issued an executive order to combat “malicious cyber-enabled activities” executed wholly, or in “substantial part,” by foreign attackers targeting the U.S., which included a detailed sanctions program that authorized government officials to strike back at threat actors.

University of Georgia Hit by Cyberattack

The University of Georgia was the victim of a cyberattack Sunday night which blocked all Internet access for everyone on campus using the school’s network. The DDoS — distributed denial of service — attack came from outside UGA’s network, and began about 6:10 p.m., according to an email sent Monday by Timothy Chester, UGA’s vice president for information technology. 

‘Anonymous’ Hackers Cyber-Attack Angolan Government

The hacking collective Anonymous says it has shut down more than 20 Angolan government websites in response to the jailing of 17 youth activists. Many of the sites were still down 20 hours after the Portuguese branch of the group claimed the cyber-attack in a post on its Facebook page.

Rage-quit: Coder unpublished 17 lines of JavaScript and “broke the Internet”

It all started with a request from the developers of a messaging application to an open source developer to change the name of a library. It ended with JavaScript developers around the world crying out in frustration as hundreds of projects suddenly stopped working—their code failing because of broken dependencies on modules that a developer removed from the repository over a policy dispute.

Please add your thoughts in the comments below or follow me on Twitter: @ChristopherBudd.



from Trend Micro Simply Security http://ift.tt/1X2SsZj
via IFTTT
