This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On June 07, 2019

Tuesday 6/4

CRN®, a brand of The Channel Company has named Gotham Technology Group to their 2019 Solution Provider 500 list at spot #181.

This annual list ranks the largest North American IT channel partner organizations by revenue. The Solution Provider 500 is the industry standard for recognizing the highest performing technology integrators, strategic service providers and IT consultants.

Quest Diagnostics says 11.9 million patients affected by data breach

According to the filing, the breach was a result of malicious activity on the payment pages of the American Medical Collection Agency, a third-party collections vendor for Quest. The “unauthorized user” siphoned off credit card numbers, medical information and personal data from the site. Laboratory test results were not among in the stolen data, Quest said.

New HiddenWasp Linux Malware Focused Solely on Achieving Targeted Remote Control

Targeted remote control isn’t the usual objective of Linux-based malware. One of these goals involves launching distributed denial-of-service (DDoS) attacks against targeted systems. The other common end is mining for cryptocurrency.

Wednesday 6/5

Checkers restaurant chain discloses card breach

Checkers and Rally's, one of the biggest drive-thru restaurant chains in the US, disclosed a security incident yesterday that impacted over 100 locations. In a security notice published on its website, the company said hackers breached its systems and planted malware on its payments processing system.

BlackSquid malware uses bag of exploits to drop cryptocurrency miners

The overall aim is to compromise web servers, network drives, and removable storage to install XMRig, a Monero cryptocurrency miner script, on target machines.

HawkEye Malware Operators Renew Attacks on Business Users

HawkEye is designed to steal information from infected devices, but it can also be used as a loader, leveraging its botnets to fetch other malware into the device as a service for third-party cybercrime actors.

Thursday 6/6

Google Cloud Network Disruption Blamed On Configuration Change

A configuration change was the culprit behind Google Cloud’s almost four-hour network service disruption on Sunday that slowed or prevented the use of Google services including Google Cloud Platform, YouTube, Gmail and Google Drive, according to the cloud provider.

Mailboard: Hackers can now pose as victims through their keyboards

On Wednesday, researchers said they have developed a new form of attack, dubbed Malboard, which is able to evade detection products "that are intended to continuously verify the user's identity based on personalized keystroke characteristics."

Friday 6/7

CCTV cameras enslaved to infiltrate air-gap networks

"In an infiltration scenario, an attacker standing in a public area (e.g., in the street) uses IR LEDs to transmit hidden signals to the surveillance camera(s)," the paper reads. "Binary data such as command and control (C&C) and beacon messages are encoded on top of the IR signals."

Android malware once found a way onto phones before they even shipped

Given the way that Android ROMs work, it’s a near-impossibility for even big companies to build ROMs that don’t include some kind of third-party code. Google says that it offers OEMs a “Build Test Suite” which can scan for malware like Triada to help mitigate such risks.

NSA Warns Microsoft Windows Users: Update Now or Face ‘Devastating Damage’

In an advisory published this week, the NSA has urged "Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threat." That threat being BlueKeep.