June 24, SecurityWeek – (International) Malware can steal data from air-gapped devices via fans. Security researchers from Ben-Gurion University of the Negev discovered a new acoustic data exfiltration method, dubbed Fansmitter, that leverages the noise emitted by a computer’s fans to transmit data without relying on speakers, sending bits of data to a nearby mobile phone or a computer equipped with a microphone. Attackers can control the fan to rotate at a specific speed to transmit a “0” bit and at a different speed to transmit a “1” bit, because the frequency and the strength of the acoustic noise depend on the revolutions per minute (RPM).
June 24, Help Net Security – (International) Crypto-ransomware attacks hit over 700,000 users in one year. Security researchers from Kaspersky Lab reported that there was a 17.7 percent increase in encryption ransomware attacks between April 2015 and March 2016 after discovering 718,536 users were infected with crypto-ransomware. Researchers advised customers to use a reliable security solution, back up all files, and keep all software up to date to avoid infection, among other recommendations.
June 23, Softpedia – (International) Six malicious Android apps removed from the Google Play store. Google reported that it removed six Android applications that were reported to perform malicious actions after a security researcher from Dr. Web discovered the apps infected more than 55,000 users with the Android.Valeriy malware via the Google Play store. Once the malware is installed, it connects to a command-and-control (C&C) server, from which it receives a list of Uniform Resource Locators (URLs), and opens the links in the WebView browser component.
June 23, SecurityWeek – (International) Advantech patches flaws in WebAccess SCADA software. Advantech released updates for its WebAccess product after a security researcher from Acorn Network Security discovered the product was susceptible to two medium-severity vulnerabilities, including a flaw in the ActiveX Control that can be exploited by a local attacker to execute unauthorized code or commands, and a buffer overflow flaw that can be triggered by using a specially crafted Dynamic Link Library (DLL) file, which can lead to crashes or arbitrary code execution.
Above reprinted from the USDHS Daily Open Source Infrastructure Report