Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On April 01, 2016

March 29, SecurityWeek – (International) “Vaccine” available for CTB-Locker, Locky, TeslaCrypt. French cybersecurity company, Lexsi released a “vaccine” that can improve users’ computer defenses against ransomware including CTB-Locker, Locky, and TeslaCrypt and stated that users can create a specific mutex or registry key, or change the simple system parameter as long as the modification does not pose an inconvenience to other users. Source

March 29, SecurityWeek – (International) Thousands of printers “hacked” to spew anti-semitic flyers. A security researcher discovered that hundreds of thousands of Internet of Things (IoT) printers were susceptible to attacks after finding that many IoT printers did not require authentication when connecting to the device. The researcher found the vulnerability when using Masscan, a mass Internet Protocol (IP) scanner that collected all vulnerable printers in its vicinity. Source

March 29, Softpedia – (International) vBulletin servers hacked, admins force password reset for all users. A company official for and reported that its Web domains went offline from March 24 – March 25 for a non-scheduled maintenance outage and forced its users to reset their passwords after hackers accessed the company’s vBulletin Germany (VGB) servers that carry user information. The exploit was allegedly reported to have used the content management system (CMS) used to run the company’s VGB’s presentation site. Source

March 29, Softpedia – (International) Magento stores targeted by new KimcilWare ransomware. Security researchers from MalwareHunterTeam discovered a new ransomware dubbed KimcilWare was targeting Magento online stores and Web servers by encrypting users’ Magento store files and adding the “.kimcilware” extension to each file, thus making the store inoperable. Researchers reported the ransomware was in its early stages of activity and were unsure about its mode of operation. Source

March 29, SecurityWeek – (National) Marine Corps activates cyber warfare group. The U.S. Marine Corps activated a new Cyberspace Warfare Group (MCCYWG) in Fort Meade, Maryland, March 25 which will help train and equip Marine Cyberspace mission teams to perform defensive and offensive cyber operations in support of the U.S. Cyber Command and U.S. Marine Corps Forces Cyberspace Command. The unit is active and will be fully operational in fiscal year 2017. Source

March 29, Softpedia – (International) Repeated DDoS attacks force Coinkite Bitcoin wallet to close down web service. One of the first Web-based bitcoin wallet services, Coinkite reported March 28 that it will be closing down its Web-based wallet service with the intention of solely developing its hardware products after their services received constant denial-of-service (DDoS) attacks for the past three years. The company warned users of potential phishing scams that will trick users into revealing their account credentials or tricking users into sending bitcoins to the wrong account. Source

Nancy Rand

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.