May 25, Softpedia – (International) Fiverr removes DDoS-for-Hire services from its marketplace. Fiverr banned and removed a series of ads reportedly providing distributed denial-of-service (DDoS)-related offerings on its marketplace Web site after security researchers from Incapsula found several DDoS services. Source
May 25, Softpedia – (International) Hackers take over thousands of Twitter accounts and tweet out adult content. Symantec discovered that over 2,500 Twitter accounts were compromised after hackers took over Twitter profiles, changed a user’s avatar picture, and sent out links to adult Web sites or Web cam sites by using Uniform Resource Identifier (URL) shorteners, primarily Bit.ly, to hide a link to adult Web sites using referral tags. Source
May 25, SecurityWeek – (International) Unpatched flaws plague Moxa connectivity products. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) and an independent security researcher discovered that Moxa’s MiiNePort E1, E2, and E3 device models were plagued with at least three serious vulnerabilities including a weak credentials management issue, a clear text password issue, and a cross-site request forgery (CSRF) flaw. The devices are used in the commercial facilities sector, critical manufacturing sector, the energy sector, and the transportation sector. Source
May 24, Softpedia – (International) After record high numbers, a lot of people still don’t know what ransomware is. Kaspersky released a report after studying over 5,000 users in the U.S. and Canada which revealed that 43 percent of users studied were unfamiliar with ransomware and were unaware that they could lose critical data after such infections. The lack of knowledge reveals why users are unaware of how to deal with ransomware infections. Source
May 24, Softpedia – (International) Pastejacking attack overrides your clipboard to trick you into running evil code. A security researcher discovered a clipboard hijacking attack titled Pastejacking was capable of using Cascading Style Sheets (CSS) to add malicious content to the clipboard without a user’s awareness, tricking users into executing unwanted terminal commands via JavaScript. Source
May 24, SecurityWeek – (International) Adobe patches flaw in Connect web conferencing software. Adobe released Connect 9.5.3 addressing several functionality vulnerabilities and one security flaw after a security researcher discovered that attackers could exploit an untrusted search path issue affecting the Connect add-in installer to launch Dynamic Link Library (DLL) loading attacks. The flaws affect Connect versions 9.5.2 and earlier for Microsoft Windows. Source
May 24, Softpedia – (International) DMA Locker 4.0 may be the next big thing in terms of ransomware. A security researcher from Malwarebytes reported that the DMA Locker 4.0 ransomware had new improvements to its features including the new utilization of a command and control (C&C) server instead of using a single encryption key hardcoded in the ransomware. In addition, the ransomware can now generate unique Advanced Encryption Standard (AES) encryption keys for each file with a public RSA key obtained from the C&C server. Source
May 23, SecurityWeek – (International) Critical vulnerability plagues 60% of Android devices. An elevation of privilege (EoP) flaw in the Widevine Qualcommm Secure Execution Environment (QSEE) TrustZone application reportedly affects about 60 percent of all Android devices globally despite being patched in January after security researchers discovered that QSEE was extremely privileged, allowing direct interaction with the TrustZone kernel and direct access to the system’s memory, enabling an attacker to hijack the Linux Kernel without having to find and exploit a Kernel flaw. Source
Reprinted from the USDHS Daily Open Source Infrastructure Report