Tech News

Recent Fake DDOS Threats by "Armada Collective" https://blog.cloudflare.com/empty-ddos-threats-meet-the-armada-collective/ IRS Discontinues e-Filing Pins https://www.irs.gov/uac/irs-statement-on-the-electronic-filing-pin CCTV Cameras Still A Major Threat https://blog.sucuri.net/2016/06/large-cctv-botnet-leveraged-ddos-attacks.html

"Bart" Ransomware https://isc.sans.edu/forums/diary/Bart+a+new+Ransomware/21195/ Swagger Vulnerablity https://community.rapid7.com/community/infosec/blog/2016/06/23/r7-2016-06-remote-code-execution-via-swagger-parameter-injection-cve-2016-5641 "Enriched" Voter Database Leak https://mackeeper.com/blog/post/239-another-us-voter-database-leak

Uber Vulnerabliity Summary https://labs.integrity.pt/articles/uber-hacking-how-we-found-out-who-you-are-where-you-are-and-where-you-went/ Apple Intentially Left Kernel Decrypted https://techcrunch.com/2016/06/22/apple-unencrypted-kernel/ Wordpress Fixes Various Critical Vulnerabilities https://codex.wordpress.org/Version_4.5.3 Let's Encrypt Reaching 5 Million Issued Certificates https://letsencrypt.org/2016/06/22/https-progress-june-2016.html Necurs Botnet is Back https://www.proofpoint.com/us/threat-insight/post/necurs-botnet-returns-with-updated-locky-ransomware-in-tow

Deobfuscating Java Code https://isc.sans.edu/forums/diary/Security+through+obscurity+never+works/21187/ iOS 10 Beta Not Encrypted To Aid Bug Hunters https://www.technologyreview.com/s/601748/apple-opens-up-iphone-code-in-what-could-be-savvy-strategy-or-security-screwup/ Microsoft Updates SEAL http://research.microsoft.com/en-us/people/kilai/v2.0-beta.pdf Cisco Releases Pidgin Vulnerabilities http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html Libarchive vulnerabilities http://blog.talosintel.com/2016/06/the-poisoned-archives.html

Apple Airport (and Time Capsule) Update https://support.apple.com/en-us/HT201222 StartCom Adding API For Free SSL Certificates https://support.apple.com/en-us/HT201222 BitCoin Phishing With Typo Squatting Domains http://blog.cyren.com/articles/2016-Q2_bitcoin-phishing-via-google-adwords.html Google Attempting to Simplify 2 Factor Authentication http://googleappsupdates.blogspot.co.uk/2016/06/new-settings-for-2-step-verification.html

Fake SWIFT Payment Notices Used in Malicious E-Mail Campaign https://isc.sans.edu/forums/diary/Ongoing+Spam+Campaign+Related+to+Swift/21177/ RedHat Fixes Various OpenSSL Integer Overflows https://github.com/openssl/openssl/commit/a004e72b95835136d3f1ea90517f706c24c03da7 JavaScript Ransom Ware http://www.bleepingcomputer.com/news/security/the-new-raa-ransomware-is-created-entirely-using-javascript/ Triada/Horde Mobile Malware Updates http://blog.checkpoint.com/2016/06/17/in-the-wild-mobile-malware-implements-new-features/

Avoiding Javascript Malware https://isc.sans.edu/forums/diary/Controlling+JavaScript+Malware+Before+it+Runs/21171/ LogMeIn Joining Other Sites in Proactively Resetting Passwords https://blog.logmeininc.com/password-reuse-issue-affecting-logmein-users/ Kaspersky Publishes Details Around Recent Flash Vulnerability https://securelist.com/blog/research/75100/operation-daybreak/ CSRF Vulnerability in Democratic Party Donation Platform http://rajk.me/actblue/#intro

Adobe Patches Critiical Flash Vulnerability https://helpx.adobe.com/security/products/flash-player/apsb16-18.html Teamviewer Users May be Compromised by Trojaned Client http://blog.trendmicro.com/trendlabs-security-intelligence/unsupported-teamviewer-versions-exploited-backdoors-keylogging/ Siemens ICS Equipment Transmits Credentials Over the Network https://ics-cert.us-cert.gov/advisories/ICSA-16-161-02 GitHub Resets User Accounts Compromissed In 3rd Party Incident https://github.com/blog/2190-github-security-update-reused-password-attack HTTP Header Injection in Python urllib http://blog.blindspotsecurity.com/2016/06/advisory-http-header-injection-in.html

Group Policy Issues After Applying MS16-072 (KB3159398) https://social.technet.microsoft.com/Forums/en-US/e2ebead9-b30d-4789-a151-5c7783dbbe34/patch-tuesday-kb3159398?forum=winserverGP Apple Will Reject Apps Using HTTP https://developer.apple.com/videos/play/wwdc2016/706/ Rising AntiVirus Includes Malware (article only in german) http://www.heise.de/security/meldung/Virenscanner-infiziert-Systeme-mit-Sality-Virus-3237654.html SAP Patch https://erpscan.com/press-center/blog/sap-security-notes-june-2016/ Breached RDP Servers For Rent https://www.wired.com/2016/06/xdedic-server-trading-forum-kaspersky/

Microsoft Updates https://isc.sans.edu/mspatchdays.html?viewday=2016-06-14 Adobe Updates (Incl. active exploitation of Flash Vuln.) https://helpx.adobe.com/security.html

Flocker Ransomware Locks TVs http://blog.trendmicro.com/trendlabs-security-intelligence/flocker-ransomware-crosses-smart-tv/ Samsung Updates Software Update Software http://seclists.org/fulldisclosure/2016/Jun/21 Lets Encrypt Messes Up Notification E-mail, Leaks Addresses https://community.letsencrypt.org/t/email-address-disclosures-preliminary-report-june-11-2016/16867 ClamAV Fuzzing Finds Bugs in 7z Unpacking Code https://foxglovesecurity.com/2016/06/13/finding-pearls-fuzzing-clamav/

DNS Sinkhole 2.0 Released https://isc.sans.edu/forums/diary/DNS+Sinkhole+ISO+Version+20/21153/ Visual C Telemetry Library https://www.reddit.com/r/cpp/comments/4ibauu/visual_studio_adding_telemetry_function_calls_to/ Crysis Ransomware http://www.eset.com/us/resources/detail/new-ransomware-threat-crysis-lays-claim-to-teslacrypt-s-former-turf/ Intel Releases ROP Attack Protection http://blogs.intel.com/evangelists/2016/06/09/intel-release-new-technology-specifications-protect-rop-attacks/ EMC Fixes Data Domain Session ID Disclosure Vulnerability https://auscert.org.au/render.html?it=35618

Google Chrome PDF Viewer Remote Code Execution Vulnerability Patched http://blog.talosintel.com/2016/06/pdfium.html Google Continues to Remove SSLv3 Support http://googleappsupdates.blogspot.com.au/2016/06/gradually-disabling-support-for-sslv3.html Vibration Sensor Can Be Used As Microphone http://synrg.csl.illinois.edu/vibraphone/paperdocs/VibraPhone_nirupam.pdf Keypass Fixes Vulnerable Update Procedure http://keepass.info/help/kb/sec_issues.html#updsig

CryptXXX Switches From Angler to Neutrino EK https://isc.sans.edu/forums/diary/Neutrino+EK+and+CryptXXX/21141/ Android Flah Keyboard Uses Excessive Permissions https://regmedia.co.uk/2016/06/07/pentestflashkeybpardpaper.pdf Firefox 47 Released https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47 D-Link Camera Vulnerable To Remote Exploit http://blog.senr.io/blog/home-secure-home BITS used to make malware more persistent https://www.secureworks.com/blog/malware-lingers-with-bits

Various Internet Sites Flag Password Reuse http://krebsonsecurity.com/2016/06/password-re-user-get-to-get-busy/ Facebook Chat Vulnerability Patched https://www.helpnetsecurity.com/2016/06/07/facebook-vulnerability-chat-messenger/ DNS Cookies: Making DNS More Security https://www.rfc-editor.org/rfc/rfc7873.txt

LinkedIn Data Used to Personalize Malicious E-Mail https://twitter.com/certbund/status/739824856011804676?ref_src=twsrc%5Etfw Android Patches https://source.android.com/security/bulletin/2016-06-01.html Mitsubishi Outlander Wifi Hack https://www.pentestpartners.com/blog/hacking-the-mitsubishi-outlander-phev-hybrid-suv/ Using NTP to Calibrate Time Stamps in PCAP https://isc.sans.edu/forums/diary/What+Time+Is+It+Using+NTP+Traffic+to+Calibrate+PCAP+Timestamps/21135/ BING Adds Malware Warning https://blogs.bing.com/webmaster/June-2016/Warning!-Bing-now-offers-enhanced-malware-warnings

A Recent MySQL Honeypot Compromise https://isc.sans.edu/forums/diary/MySQL+is+YourSQL/21117/ Team Viewer Improves Security http://www.teamviewer.com/en/company/press/teamviewer-launches-trusted-devices-and-data-integrity/ Black Shades Ransomware http://www.bleepingcomputer.com/news/security/black-shades-ransomware-encrypts-your-pc-and-taunts-security-researchers/ NTP Update http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Docker Containers Logging https://isc.sans.edu/forums/diary/Docker+Containers+Logging/21121/ Lenovo Suggests Uninstalling Accelerator Application https://support.lenovo.com/us/en/product_security/len_6718 Google Chrome Update http://googlechromereleases.blogspot.com/search/label/Stable%20updates MongoDB Injection http://blog.securelayer7.net/mongodb-security-injection-attacks-with-php/ Ouch! Newsletter https://securingthehuman.sans.org/resources/newsletters/ouch/2016#encryption Detecting DNS Tunneling With Splunk https://www.sans.org/reading-room/whitepapers/dns/splunk-detect-dns-tunneling-37022 Android AV Vulnerabilities https://www.sit.fraunhofer.de/fileadmin/dokumente/Presse/teamsik_advisories_AV.pdf?_=1464692835

KeePass Insecure Update https://bogner.sh/2016/03/mitm-attack-against-keepass-2s-update-check/ Possible TeamViewer Breach http://www.theregister.co.uk/2016/06/01/teamviewer_mass_breach_report/ Windows 10 Exploit Offered For Sale https://www.trustwave.com/Resources/SpiderLabs-Blog/Zero-Day-Auction-for-the-Masses/?page=1&year=0&month=0 Intrusion Detection in Depth Minneapolis (July 18-23rd) https://www.sans.org/event/minneapolis-2016/course/intrusion-detection-in-depth

Increase in Telnet Scans https://isc.sans.edu/forums/diary/Increase+in+Port+23+telnet+scanning/21115/ Bloatware Introducing Security Flaws in Laptops https://duo.com/blog/out-of-box-exploitation-a-security-analysis-of-oem-updaters Exploit Released for Unpatchable SCADA Controller https://www.exploit-db.com/exploits/37154/ Fail2Ban Adding IPv6 Support https://www.slightfuture.com/security/fail2ban-ipv6 Critical LG Phone Security Flaws http://blog.checkpoint.com/2016/05/29/oems-have-flaws-too-exposing-two-new-lg-vulnerabilities/