Weekly Cyber Security News 07/09/2018

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A pretty energetic week for a change. Varied and unexpected breaches as is the norm, though a few new items of note. The first is a little worrying, and really hopefully (at least for the public) won’t set a precedent: Penalising those that can’t make use of good password best practice.  Sure, users really do need some help, even more so those that aren’t ‘tech savvy’, but chasing them because of breaches…

• Vodafone Tells Hacked Customers with “1234” Password to Pay Back Money

There is a fine line in infosec, and those on both sides know that:

• White-Hats Go Rogue, Attack Financial Institutions

No fresh IoT hell this week, instead, a really good bit of hardware magic:

• Engineering tour de force births programmable optical quantum computer

 

Other news….

• MagentoCore Card Skimmer Found on Mass Numbers of E-Commerce Sites The Magecart group is likely behind the most prolific card-stealing operation seen in the wild to date.

• Bitfi removes unhackable claim from crypto wallet

• Brazilian credit bureau investigates potential data leak

• Brit teen pleads guilty to Minecraft-linked bomb and airline hoaxes (The Register)

• British Airways hit with customer data theft (ZDNet)

• Bucking the Norm, Mozilla to Block Tracking Cookies in Firefox Unlike its browser competitors

• EICAR – The Most Common False Positive in the World

• Experts warn of 7,500+ MikroTik Routers that are hijacking owner’s traffic

• Five Eyes threatens to force encryption backdoors, says ‘Privacy is not absolute’

• GOBLIN PANDA Targets Vietnam Again

• Google Fights Tech Support Scams With New Ad Restrictions

• Google paid million dollars to track offline purchases using Mastercard Data

• Google wants to get rid of URLs but doesn’t know what to use instead

• Hackers can easily access 3D printers exposed online for sabotage and espionage

• If an extension goes rogue, everything you do in your browser is compromised

• IoT Category Added to Pwn2Own Hacking Contest

• Lawsuit Lays Bare Israel-made Hack Tools in Mideast, Mexico

• Malware Found on USB Drives Shipped With Schneider Solar Products

• MEGA.nz Chrome extension caught stealing passwords, cryptocurrency private keys (ZDNet)

• Nielsen Shareholder Sues Over GDPR Statements

• Premera Blue Cross hacker victims claim insurer trashed server to hide data-slurp clues

• Python Package Installation Can Trigger Malicious Code

• Recent Windows ALPC zero-day has been exploited in the wild for almost a week

• Thousands of 3D Printers Exposed to Remote Attacks

• Thousands of MikroTik Routers Hijacked for Eavesdropping Using a known vulnerability, the threat actor is listening to a variety of ports.

• Unpatched routers being used to build vast proxy army, spy on networks

• Using just a laptop, boffins sniff, spoof and pry – without busting browser padlock

• Woman who crashed her Model S and broke her foot, now sues Tesla

• Google fixes Chrome issue that allowed theft of WiFi logins (ZDNet)

• Federal prosecutors indicted a 20-year-old man who built the Satori botnet

• New Chainshot Malware Found By Cracking 512-Bit RSA Key

• ‘CamuBot’ Banking Malware Ups the Trojan Game with Biometric Bypass CamuBot is a unique malware targeting Brazilian bank customers that attempts to bypass biometric account protections.

• 7,500 MikroTik routers compromised, traffic forwarded to attackers

• Critical Vulnerability Patched in PHP Package Repository

• Do you really think crims would do that? Just go on the “net and exploit a Windows zero-day?

• Oracle Products Affected by Exploited Apache Struts Flaw