Weekly Cyber Security News 02/06/2017

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A couple of things particularly of interest this week. A fascinating article on why the WannaCry attack, while technically impressive had such an amateurish method of ransom collection – it was like they didn’t want to be paid or cared about it. As this article below suggests, could it have just be a way to manipulate BitCoin? Interesting idea.

• Latest WannaCry Theory: Currency Manipulation

Oh, and if you use OneLogin for your ID then you might want to start changing everything….

• OneLogin Breach Reignites Concerns over Password Managers

• OneLogin Investigating Breach at U.S. Data Center

• OneLogin: Breach Exposed Ability to Decrypt Data Brian Krebs reports

The rest of the news:

• 82% of Databases Left Unencrypted in Public Cloud Personal health information and other sensitive data is left exposed as businesses overlook encryption and network security.

• A Nation State-Looking Cyberattack that Wasn’t

• Google Patches Nexus 6 Secure Boot Bypass

• India’s Ethical Hackers Rewarded Abroad, Ignored at Home

• Shadow Brokers Want $20,000 for Monthly Leaks

• Chinese ‘Fireball’ Malware Infects 20% of Global Corporate Networks

• Developer of Advanced ‘Bachosens’ Malware Fails to Hide Identity

• Fireball Malware Infects 250 Million Computers

• Judy Adware Infects Dozens of Google Play Apps

• Crowdfunding for Acquiring Shadow Brokers Exploits Canceled

• Linux Flaw Allows Sudo Users to Gain Root Privileges

• Samba Patches Code Execution Flaw Introduced in 2010

• Bugtraq: WordPress Plugin Social-Stream Exposure of Twitter API Secret Key and Token WordPress Plugin Social-Stream Exposure of Twitter API Secret Key and Token