June 25, Help Net Security – (International) Samsung disables Windows Update, undermines the security of your devices. A security researcher discovered that the Samsung SW Update software for Microsoft Windows personal computers (PCs) runs an executable file upon start-up that disables Windows Update to prevent driver and update software conflicts, posing a security risk to users. Microsoft has reportedly contacted Samsung to address the issue. Source
June 25, Help Net Security – (International) The downfall of a major cybercrime ring exploiting banking trojans. European authorities from six countries along with Europol and Eurojust arrested five suspects in Ukraine believed to be part of a major cybercriminal ring that developed, exploited, and distributed Zeus and SpyEye malware, actively traded stolen credentials, laundered profits, and infected tens of thousands of users’ computers worldwide with banking Trojans. Source
June 25, Help Net Security – (International) Why a Dyre infection leads to more than just stolen banking credentials. Symantec reported that in addition to targeting banks, financial institutions, customers of electronic payment services, and users of digital currencies, cybercriminals are employing the Dyre Trojan to collect credentials for career and human resource Web sites, as well as Web hosting companies. The group using Dyre has reportedly targeted customers of over 1,000 organizations worldwide. Source
June 25, SC Magazine – (International) Study: 61 percent of critical infrastructure execs confident systems could detect attack in less than a day. Tripwire released survey results from 400 executives in the energy, oil, gas, and utility industries in its “Critical Infrastructure Study” revealing that executives had high levels of confidence regarding their organizations’ ability to quickly detect cyber-attacks on their systems, while noting that attacks could seriously damage their infrastructure, among other findings. Source
June 25, V3.co.uk – (International) Android malware dominates mobile threat landscape. Pulse secure released findings from its Mobile Threat Report revealing that 97 percent of mobile malware is targeted at Android devices, and that in 2014 almost 1 million individual malicious apps were released. The report also highlighted the dangers in jailbroken and non-jailbroken iOS devices, among other findings. Source
June 24, SC Magazine – (International) Cyber-crime economy triggers rise in malicious macros. Proofpoint released The Cybercrime Economics of Malicious Macros report, revealing that malicious macro campaigns have grown in size, frequency, sophistication, and effectiveness while increasingly relying on inexpensive vectors and techniques to exploit the human factor, among other findings. Source
June 24, SC Magazine – (International) MacKeeper flaw enables attacker to run code with admin rights. Security researchers discovered a serious vulnerability in ZeoBit’s MacKeeper utility program in which an attacker could use a phishing email containing a malicious link that prompts a user for a password, effectively executing the malware with administrator rights. ZeoBit reportedly acknowledged and patched the vulnerability. Source
June 24, SC Magazine – (International) COA Network breached, all customer data treated as potentially compromised. New Jersey-based COA Network Inc., reported that it had detected a pattern of irregular activity in its systems June 5, and is considering all customer contact and payment information as possibly having been compromised. The company took actions to increase security and protect customer information, and has notified all customers. Source
June 24, Softpedia – (International) ESET patches scan engine against remote root exploit. ESET pushed an update for its scan engine addressing a vulnerability in antivirus products’ code emulator component in which an attacker used a remote root exploit to take complete control of a system. NOD32 Antivirus, Microsoft Windows, Apple OS X, Linux, and numerous other consumer and business antivirus solutions, utilize the product. Source
June 24, Help Net Security – (International) Deadly Windows, Reader font bugs can lead to full system compromise. A security engineer with Google Project Zero shared the discovery of 15 flaws in font engines used by Microsoft Windows, Adobe Reader, and other popular software that could allow an attacker to compromise systems in a variety of ways including creating an exploit chain leading to a full-system compromise. All of the reported vulnerabilities have been patched in recent updates. Source
June 24, Securityweek – (International) Visibility challenges industrial control system security: survey. Findings from a SANS Institute survey of over 314 respondents across several industries that interact with industrial control systems (ICS) revealed the perceived threats posed by internal and external attackers and the challenges of ICS protection. Challenges cited include poor optimization of ICS protection for information technology (IT) environments, the difficulty in detecting threats that spread without affecting operations, and the integration of IT into previously isolated ICS platforms, among other findings. Source
June 25, Securityweek – (International) Leaked government credentials abundant on public Web. Recorded Future released a report June 24 revealing that login credentials belonging to 47 U.S. Government agencies have been discovered on the public Web since November 2014, with the most affected agencies being the U.S. Department of Energy and Department of Commerce. The company shared its finding with affected agencies and is unsure if attackers attempted to leverage any stolen information. Source