ZeroCleare Malware Wiping Systems
IBM researchers have been tracking the steady rise in ZeroCleare
deployments throughout the last year, culminating in a significant rise in
2019. This malware is deployed on both 32-bit and 64-bit systems in highly targeted
attacks, with the capability to completely wipe the system by exploiting the
EldoS RawDisk driver (which was also used in prior targeted attacks). The
malware itself appears to be spreading through TeamViewer sessions and, though
the 32-bit variant seems to crash before wiping can begin, the 64-bit variant
has the potential to cause devastating damage to the multi-national
corporations being targeted.
FTC Scam Threatens Victims with Terrorism Charges
FTC officials recently made an announcement regarding scam letters purporting to be from the commission and the numerous complaints the letters have sparked from the public. Victims of the scam are told that, due to some suspicious activity, they will be personally and financially monitored and may face charges for terrorism. These types of scams are fairly common and have been in use for many years, often targeting the elderly with greater success.
Misreported Data Breach Costs Hospital Millions
Following an April 2017 complaint, the Office of Civil
Rights has issued a fine of $2.175 million after discovering that Sentara
Hospitals had distributed the private health information for 577 patients,
but only reported eight affected. Moreover, it took over a year for the
healthcare provider to take full responsibility for the breach and begin
correcting their security policies for handling sensitive information. HIPAA
violations are extremely time-sensitive and the slow response from Sentara
staff could act as a lesson for other organizations to ensure similar events don’t
Android Vulnerability Allows Hackers Easy Access
Researchers have identified a new Android
exploit that allows hackers access to banking applications by quickly
stealing login credentials after showing the victim a legitimate app icon,
requesting additional permissions, and then sending the user to their expected
app. Even more worrisome, this vulnerability exists within all current versions
of Android OS and, while not found on the Google Play Store, some illicit
downloaders were distributing it.
Smith & Wesson Hit by Magecart
In the days leading up to Black Friday, one of the largest
retail shopping days of the year, malicious skimming code was placed onto the
computer systems and, subsequently, the website of Smith
& Wesson. In a slight break from the normal Magecart tactics, the
attackers were masquerading as a security vendor to make their campaign less
visible. The card-skimming code was initially placed onto the website on November
27 and was still active through December 2.