Week in review: Pokémon GO, flawed code hooking engines, Ubuntu Forums hacked again

Here’s an overview of some of last week’s most interesting news and articles:

Preparing for new EU cybersecurity rules and regulations
The Network and Information Security (NIS) Directive spells the end of more than three years of political bickering and requires critical national infrastructure operators, such as banks, healthcare, transportation, energy and digital service providers, to ramp up their security measures and report major data breaches.

Three topics everyone will be talking about at Black Hat USA 2016
There has never been a more interesting or daunting time to be in security.

Have you read Pokémon GO’s Terms of Service? You might want to
As Pokémon GO is enthusiastically embraced by an increasingly larger number of users, we’re witnessing a wide array of dangers that go hand in hand with playing it.

Security in the M&A process: Have you done your technical due diligence?
In late 2015 Distil Networks began the process of acquiring managed security provider Scrape Sentry. As the business team worked through the nuances of purchasing a Swedish company, the technical team snapped into action.

Flawed code hooking engines open endpoints to compromise
Six common security issues stemming from the incorrect implementation of code hooking and injection techniques have been unearthed by EnSilo researchers in over 15 different products, including anti-virus (AV) and anti-exploitation solutions, data loss prevention software (DLP) and host-based intrusion-prevention systems (HIPS).

Snowden wants you to know when your phone is revealing your location
NSA whistleblower Edward Snowden and hardware hacker Andrew “Bunnie” Huang have possibly come up with a solution for warning users when their phones are revealing their location via radio transmissions.

Bart ransomware victims get free decryptor
AVG malware analyst Jakub Kroustek has devised a decryptor for Bart ransomware, and the company has made it available for download (for free).

Wi-Fi hack experiment conducted at Republican National Convention site
Avast security researchers conducted a Wi-Fi hack experiment at various locations around the Republican National Convention site in Cleveland to demonstrate how risky it can be to connect to public Wi-Fi.

Alleged Kickass Torrents owner arrested, site taken down
Artem Vaulin, a 30-year-old Ukrainian that is believed to be the creator and owner of Kickass Torrents, currently the most popular and most visited illegal file-sharing website, has been arrested in Poland on Wednesday.

Ubuntu Forums hacked again, 2 million users exposed
Canonical’s Ubuntu Forums have been hacked, and the attacker has managed to access and download part of the Forums database, containing usernames, email addresses and IPs for 2 million users.

Review: iStorage diskAshur Pro
The iStorage diskAshur Pro is a hard drive for users with security on their mind.

CISOs need teamwork and a framework, says Chief Cybersecurity Officer at Trend Micro
Eduardo Cabrera is the Chief Cybersecurity Officer at Trend Micro, responsible for analyzing emerging cyber threats to develop enterprise risk management strategies. Before joining Trend Micro, he was a 20-year veteran and former CISO of the United States Secret Service. Given his background, Cabrera is eminently qualified for offering insight about information security challenges in both the government and the private sector.

Slew of WP-based business sites compromised to lead to ransomware
The compromised sites range from that of tires and sporting goods manufacturer Dunlop, to the official Guatemalan Tourism site and sites of firearms dealers.

Ammyy Admin remote admin tool repeatedly bundled with Trojans
The website of the company that develops the popular remote administration software Ammyy Admin has been repeatedly compromised in the last year or so, and users who downloaded the tool were saddled with malware.

Widespread httpoxy vulnerabilities affect server-side web apps
A new, branded set of vulnerabilities has been revealed by security researchers, this time responsibly and without too much fanfare. The collective name given to the vulnerabilities is httpoxy. They affect server-side web applications only – application code running in Common Gateway Interface (CGI), or CGI-like environments.

DDoS attacks continue to escalate in both size and frequency
Arbor Networks released global DDoS attack data for the first six months of 2016 that shows a continuing escalation in the both the size and frequency of attacks.

Whitepaper: Does your DDoS protection strategy address the changing threat landscape?
Find out what are the newest trends in Network and Applicative DDoS attacks, what are the implications on your DDoS protection strategy, and how Incapsula’s DDoS Protection service addresses the new protection requirements.

Decrypter for Locky-mimicking PowerWare ransomware released
Dubbed PowerWare by the researchers, the malware adds the “.locky” filename extension on encrypted files, the same ransom note as Locky, and its payment/ decryption page also mentioned the infamous ransomware.

How to steal money from Instagram, Google and Microsoft
Some account options deployed by Instagram, Google and Microsoft can be misused to steal money from the companies by making them place phone calls to premium rate numbers, security researcher Arne Swinnen has demonstrated.

First all-machine hacking tournament coming to Las Vegas
During the one-day event, computer programs developed by seven remarkable teams will vie for millions of dollars in prizes as they compete in the world’s first automated game of Capture the Flag (CTF).

Compromised Joomla sites are foisting ransomware on visitors
Administrators of WP and Joomla sites would do well to check for specific fake analytics code injected into their properties, as a ransomware delivery campaign taking advantage of vulnerable sites has been going strong for over a month now.

More about

Don't miss