Week in review: Apple tackles XcodeGhost malware, AVG will sell user data, iOS 9 exploit is worth $1 million

Here’s an overview of some of last week’s most interesting news and articles:


Symantec fires employees who issued rogue Google certificates
One of these testing certificates leaked on the Internet, as it was flagged by Google.

AVG will sell user browsing and search info to advertisers
Starting on October 15, when its new privacy policy comes into effect, Czech AV maker AVG will start selling user activity information to online advertisers.

Enhancing email security in Office 365
Because Office 365 includes a baseline measure of security – called Exchange Online Protection – some companies are tempted to rely on that for email security, believing that because email is happening in Microsoft’s cloud, their environments are not impacted. The reality is quite different.

Android SMS Trojans evolve, go after bank and payment system accounts
Once upon a time cyber crooks used SMS Trojans to earn themselves money by subscribing users to unwanted premium mobile services. Today, the situation has changed, and these Trojans can do much more damage.

Exploit broker offers $1 million for reliable iOS 9 exploit
Here’s a treat for hackers and security researchers who don’t mind selling information about zero-day vulnerabilities to the highest bidder: Zerodium, the zero-day vulnerability and exploit acquisition firm recently launched by VUPEN founder Chaouki Bekrar, is offering a million dollars for “an exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices.”

Quantifiable differences in security performance across industries
BitSight Technologies analyzed Security Ratings of nearly 10,000 organizations in six industries – finance, federal government, retail, energy and utilities, healthcare and education. The objective was to highlight quantifiable differences in security performance across industries from August 1, 2014 to August 1, 2015.

Number of XcodeGhost-infected iOS apps rises
As the list of apps infected with the XcodeGhost malware keeps expanding, Apple, Amazon and Baidu are doing their best to purge their online properties of affected apps, malicious Xcode installers, and C&C servers used by the attackers to gather the stolen information and control the infected apps/devices.

NIST will award $3.6 million to projects designed to improve cybersecurity
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) will award $3.6 million for three pilot projects designed to make online transactions more secure and privacy-enhancing for healthcare, government services, transportation and the Internet of Things.

Chinese promotion company hijacks Android devices around the world
A Chinese mobile app promotion company has created malicious adware that allows them to gain complete control of users’ Android devices. The company misuses this access to make the phones download additional apps and to show ads.

WD My Cloud NAS devices can be hijacked by attackers
WD My Cloud is meant to be a private cloud environment hosted at home or at a small organization’s office.

Killing computer infrastructures with a bang!
In an attempt to demonstrate how easy it would be for attackers to perform a high-voltage attack against a company’s computer infrastructure and take it down by damaging it, security researcher Grigorios Fragkos found a device that can easily be used to “fry” other appliances on the network: computers, switches, attached storage devices, etc.

GreenDispenser malware makes ATMs spit out cash
A new type of malware is being used to drain ATMs in Mexico of all the cash they contain. Dubbed GreenDispenser by Proofpoint researchers, the malware displays an “out of service” message, but attackers who enter the right PIN code make the machines spit out money.

Using external URL shorteners for internal needs may lead to sensitive data leaks
Using external URL shortener services to create better-looking links to internal company documents, sensitive files and internal websites is a practice that company employees should avoid, says security researcher Shubham Shah, as it can result in those documents being accessed by individuals with malicious intentions.

Cisco releases tool for detecting malicious router implants
Cisco Systems has provided a tool that allows enterprise users to scan their networks and discover if their routers have been compromised with malicious SYNful Knock implants.

The number of fingerprints stolen in OPM hack rose to 5.6 million
If you’re wondering why this wasn’t discovered sooner, it’s because only now have “OPM and DoD identified archived records containing additional fingerprint data not previously analyzed.”

The average budget required to recover from a security breach
The average budget required to recover from a security breach is $551,000 USD for enterprises, and $38,000 for small and medium businesses.

CUJO: Plug-n-play protection for all devices
CUJO is a smart device that brings business-level Internet security to guard all of your connected home devices. It’s simple to start, with no installation necessary.

Vulnerabilities in security software leave users open to attacks
In most people’s minds, antivirus and security software equals better security. But thanks to security researchers who have taken it upon themselves to analyze some of those offerings, we are discovering that that belief is not necessarily true.

Free tool helps organizations respond to vulnerability reports
The Vulnerability Coordination Maturity Model (VCMM) was created as a guide that companies can use to learn what the best practices are for vulnerability response, measure how they compare to others, and take actions that will help them address issues before bad actors can exploit them.

Mapping the underground cybercrime economy in order to disrupt it
Disrupting the relationships between the various actors in the underground economy that’s propping up Internet crime, damaging the infrastructure that makes it possible, and hampering the functioning of the profit centers that transfer money from victims and institutions to the crooks is the right way to tackle the problem of cybercrime.