A selection of this week’s more interesting vulnerability disclosures and cyber security news. OK, looks like I may have to take back what I said last week about the AA ‘dev bug’, looks like it was in fact a breach:
Talking about confusion, the story around this NotPetya is becoming the stuff of movies; miss-directions and double bluff. Have to say though, miss-direction is one of the tools used in all sorts of crimes. I suspect its going to go on for a long time yet, but, and I will possibly regret this by saying I bet the truth is not as exciting as it seems right now:
- Hackers Connected to NotPetya Ransomware Surface Online, Empty Bitcoin Wallet Lorenzo Franceschi-Bicchierai ?reports
- Hackers Linked to NotPetya Ransomware Decrypted a File For Us Joseph Cox and Lorenzo Franceschi-Bicchierai report
- Massive WWE Leak Exposes 3 Million Wrestling Fans Addresses, Ethnicities And More Thomas Fox-Brewster reports
- If you have health insurance anywhere, or are a Medicare patient in Australia, your data are up for sale on the darknet Paul Farrell reports
- CopyCat Malware Infects 14 Million Android Devices A new malware strain is discovered with a novel approach to infecting Android handheld devices with adware.
- SQL Injection Vulnerability in WP Statistics If you’re using the WordPress plugin WP Statistics, you might want to stop and immediately read John Castro’s post