May 10, Softpedia – (International) SS7 attack leaves WhatsApp and Telegram encryption useless. Positive Technologies researchers unveiled a new attack that utilizes Signaling System No. 7 (SS7) to carry out attacks on encrypted communications apps such as WhatsApp and Telegram by spoofing a mobile network node and intercepting the initial phase of a chat between two users. The researchers were able to impersonate a second user through SS7 loopholes that were never patched. Source
May 10, Softpedia – (International) CryptXXX is now undecryptable, prevents users from accessing their PC. Researchers at Proofpoint discovered CryptXXX version 2.006, an update to CryptXXX, which defeats a Kaspersky Lab decrypter, blocks users’ from going online, and locks a user’s entire screen, forcing them to log onto a different computer to go online to buy Bitcoin and pay the ransom. The ransomware is distributed via malvertising campaigns, malicious ads on legitimate Web sites, or through an intermediary malware called Bedep. Source
Reprinted from the USDHS Daily Open Source Infrastructure Report