Week in review: Stealing login credentials, secure mobile communications explained

Here’s an overview of some of last week’s most interesting news, reviews, podcasts and articles:

Rambler.ru hack: Passwords of nearly 100 million users exposed
A new data leak – confirmed to be legitimate by LeakedSource and added to its searchable online database – affects nearly 100 million users of Rambler.ru, one of the biggest Russian web portals.

Measuring IT security health with GreySpark
In this podcast recorded at Black Hat USA 2016, Brit Wanick, Vice President of Sales, FourV Systems, talks about measuring IT security health with GreySpark. GreySpark identifies and measures risk factors by normalizing and evaluating threat, vulnerability, and operational events from an organization’s sensors and systems.

Mirai Linux Trojan corrals IoT devices into DDoS botnets
Researchers consider Mirai to be the direct descendant of an older Trojan dubbed Gafgyt (aka BASHLITE, aka Torlus), which is one of the main contributors to the rise of DDoS-for-hire services.

Compromised electronic health records may haunt you forever
By now, we have realized that the risk and impact of a compromise of EHRs are usually and mostly shifted to us (the patients). But what most still don’t recognize is that if our EHRs get compromised just once, and sold repeatedly all over the Dark Web, we’ll likely have problems for the rest of our lives.

The dangers of connecting phones to connected cars
With all the reports about car hacking, you might be worried whether someone could manipulate the vehicle you’re renting, but in the real world, that danger still seems far off. A more near and present danger is that of inadvertently sharing your personal data with the car, and therefore with its owners (at a minimum).

Your Seagate Central NAS could be hosting mining malware
If you have discovered cryptocurrency mining malware on your system, removed it, and been compromised again with no idea how it happened, it could be that the source of the infection is the Seagate Central NAS sitting on your network.

Review: Protecting Patient Information
This book is primarily aimed at US-based healthcare organizations and professionals.

Automation isn’t one-size fits all
Automation is not a switch you can simply flip on. Each organization, and maybe each request, has its own set of workflows, stakeholders and challenges.

Sophisticated Mokes backdoor targets Mac users
Capable of making screenshots, recording keystrokes, capturing audio, and rifling through Office documents and removable storage devices, Mokes (aka Ekoms) can also be made to execute arbitrary commands on the system.

Are all IoT vulnerabilities easily avoidable?
Every vulnerability or privacy issue reported for consumer connected home and wearable technology products since November 2015 could have been easily avoided, according to the Online Trust Alliance (OTA).

Secure mobile communications explained
For most, SSL is necessary and offers a decent amount of security for the risks they may encounter online – however, any security or IT pro who understands mobile communications would rather use a personal IPSec VPN because they know one simple fact – SSL is not known for being secure. This is why those same professionals know that SSL VPN is the wrong decision for protecting mobile communications for their organisations.

Stealing login credentials from locked computers in 30 seconds or less
Security researcher Rob Fuller has demonstrated a simple way to steal login credentials from locked computers running Windows and Mac OS X.

Flaws in Network Management Systems open enterprise networks to attacks
Network Management Systems are used for discovering, managing and monitoring various devices on a network (e.g. routers, switches, desktops, printers, etc.). They usually use the Simple Network Management Protocol (SNMP) to format and exchange management messages, and it’s exactly through this protocol that these systems can be attacked.

WordPress 4.6.1 upgrades security, fixes 15 bugs
WordPress 4.6.1 is now available. This is a security release for all previous versions and all users are strongly encouraged to update their sites immediately.

Gugi banking Trojan outsmarts Android 6 security
A modification of the Gugi banking Trojan can bypass Android 6 security features designed to block phishing and ransomware attacks.

Can biometrics and the FIDO Alliance save us from password overload?
Going forward, it’s clear that the FIDO Alliance will be a key driver in moving the industry towards fewer passwords. At the same time, vendors and corporations will move independently of the FIDO Alliance to lessen our reliance on the broken password system with a biometric approach.

Yelp makes its bug bounty program public
After two years of keeping their bug bounty program private and relatively secret, Yelp is opening it up and has invited bug hunters to probe its sites, apps, and infrastructure.

Nearly 800,000 Brazzers users’ credentials exposed
Account login credentials of nearly 800,000 Brazzers porn site users were stolen in 2012, but the breach has only now come to light, after the data dump was obtained by breach monitoring site Vigilante.pw.

Too many Cisco ASA boxes still open to an EXTRABACON attack
Rapid7 researchers Derek Abdine and Bob Rudis have recently used the company’s Project Sonar to see how many potentially vulnerable boxes can still be found online.

43.7% of cloud-based malware delivers ransomware
According to a new Netskope report, 43.7% of malware found in enterprise cloud apps has delivered ransomware, and 55.9% of malware-infected files found in cloud apps are shared publicly.