Week in review: Black Hat USA 2016 coverage, QRLJacking, exposed SAP systems

Here’s an overview of some of last week’s most interesting news and articles:

Black Hat USA 2016
Want to learn the news from Black Hat USA 2016? Get it all from our dedicated coverage page.

QRLJacking: A new attack vector for hijacking online accounts
We all know that scanning random QR codes is a risky proposition, but a newly detailed social engineering attack vector dubbed QRLJacking adds another risk layer to their use.

36,000 SAP systems exposed online, most open to attacks
ERPScan released the first comprehensive SAP Cybersecurity Threat Report, which covers three main angles: Product Security, Implementation Security, and Security Awareness.

Innovative techniques allow malvertising campaigns to run for years
A threat actor dubbed AdGholas has been mounting successful malvertising campaigns by using innovative targeting and obfuscation techniques, and has been infecting thousands of victims every day since 2015 – and possibly even earlier.

Interpol arrests Nigerian scam mastermind who stole $60 million
The 40-year-old Nigerian national, known as “Mike”, is believed to be behind scams totalling more than $60 million involving hundreds of victims worldwide. In one case a target was conned into paying out $15.4 million.

$77 million in Bitcoin stolen from Bitfinex exchange
Popular Hong Kong-based cryptocurrency exchange Bitfinex has suffered a security breach that resulted in the theft of Bitcoin worth some $77 million.

Impatient users saddled with malicious copycats of popular Prisma app
If an iOS app gains extreme popularity but still does not come in a version for Android, it can be practically guaranteed that malware peddlers and scammers will take advantage of users’ impatience and offer fake, malicious versions of it on Google Play and third-party Android app stores.

Data of 200 million Yahoo users offered for sale
Data of some 200 million Yahoo users has been offered for sale on the TheRealDeal dark web market by “peace_of_mind” (aka “Peace”).

The growing threat of ransomware: Lucrative, low-risk and easy to use
First documented in 1989, ransomware is by no means a new technique. But its popularity has risen significantly recently, particularly in the first three months of this year, when ransomware-related domains increased 35-fold and ransomware accounted for 60 per cent of all malware observed.

75% of the top 20 US banks are infected with malware
SecurityScorecard released its 2016 Financial Cybersecurity Report, a comprehensive analysis that exposes cybersecurity vulnerabilities across 7,111 global financial institutions including investment banks, asset management firms, and major commercial banks.

Can a computer system compete against human CTF experts?
ForAllSecure (and its Mayhem computer system) is the winner of DARPA’s Cyber Grand Challenge, the first head-to-head competition among developers of some of the most sophisticated automated bug-hunting systems ever developed.

Zeus Panda variant targets Brazilians, wants to steal everything
A new Zeus Trojan variant dubbed Panda Banker has been specially crafted to target users of 10 major Brazilian banks, but also other locally popular services.

58% of orgs have no controls in place to prevent insider threats
More than half of organizations (58 percent) still lack the appropriate controls to prevent insider attacks, with just under half (44 percent) unaware if their organization has experienced an insider attack at all, according to a new survey of more than 500 cybersecurity professionals.

MineMeld: The “Swiss army knife” of threat intelligence feeds
Palo Alto Networks has made publicly available MineMeld, an open source, community-supported framework that can simplify your consumption and sharing of threat intelligence.

How US, UK SMBs keep company passwords safe
AVG’s Business division has asked 381 of their small-to-medium business customers in the US and UK sixteen questions about their password-protection policies and practices.

How to avoid vendor lock-in and get more flexibility
Traditionally, customers and security teams have worked with a single major technology provider, like IBM or Symantec, to build out their entire security stack. With one provider offering the entire toolset, organizations do not get a best-of-breed approach, and are instead forced to settle for portfolios with some above-average and some below-average solutions.

Kazakhstan govt targeted journalists, political activists with spyware
Journalists and political activists critical of Kazakhstan’s authoritarian government, along with their family members, lawyers, and associates, have been targets of an online phishing and spyware campaign believed to be carried out on behalf of the government of Kazakhstan, according to a new report by the Electronic Frontier Foundation (EFF).

GhostMail stops providing secure comms to individual users
Encrypted email, chat and storage service GhostMail will no longer provide its services to individual users. Instead, it will concentrate on the enterprise market.

UK banks ramp up account security with voice recognition tech
Each person’s voice is as unique as their fingerprint, made up of over 100 characteristics based on the physical configuration of the speaker’s mouth and throat. Therefore, when a customer calls up to use telephone banking, the technology will be able to identify them simply from the first few words that are spoken.

Intel Crosswalk bug invalidates SSL protection
A bug in the Intel Crosswalk Project library for cross-platform mobile development can open users to man-in-the-middle attacks, researchers from Nightwatch Cybersecurity have found.
