September 10, Securityweek – (International) SAP updates patch twenty vulnerabilities. Germany-based enterprise software maker SAP updated 5 previously released patches and issued a new patch addressing 20 vulnerabilities, including 8 missing authorization checks, 6 cross-site scripting (XSS) bugs, an information disclosure vulnerability, cross-site request forgery (CSRF), remote code execution, and SQL injection, in addition to other types of attacks. Source
September 10, Help Net Security – (International) PIN-changing, screen-locking Android ransomware. ESET researchers found a piece of ransomware that masquerades as an app for viewing adult videos and locks Android users out of their devices by changing the personal identification number (PIN). Once users download and install the malicious app, the LockerPin trojan prompts the user to install a patch for the app, which activates Device Administrator privileges without the user's knowledge, and then presents an alleged message from the FBI asking the victim to pay a $500 fine to regain access to the device. Source
September 9, Softpedia – (International) Russian hacking group uses satellites to hide C&C servers. Kaspersky Lab announced that the Turla advanced persistent threat (APT) group utilizes design flaws in older communications satellites, allowing the group to intercept Internet traffic and use it to hide the location of its command-and-control (C&C) servers. The group can reportedly launch man-in-the-middle (MitM) attacks and intercept traffic through satellite dishes located in areas where the unencrypted satellites provide coverage. Source
September 9, Softpedia – (International) Zimperium releases exploit code for testing against Stagefright vulnerability. Zimperium released its Stagefright exploit code and Python script, allowing security experts, phone vendors, and users to test if their devices are vulnerable to the Stagefright bug, which affects over 95 percent of all Android devices running versions 2.2 or higher. Source
September 9, Securityweek – (International) DD4BC extortionist group launched over 140 DDoS attacks: Akamai. A report published by Akamai Technologies’ Prolexic Security Engineering and Response Team (PLXert) found that the extortionist group DD4BC, which led a distributed denial-of-service (DDoS) attack against several organizations and demanded Bitcoin payments, launched a total of 141 attacks between September 2015 and August 2015, with 58 percent of attacks targeting financial service institutions. The report also found that the group now utilizes social media platforms to expose and threaten targeted organizations in addition to the DDoS attack. Source