InfoSec Week 24, 2017
Posted
Erebus ransomware distributed by the malicious advertisement campaign is using Rig exploit kit to infect Linux servers across the world.
Some companies had to pay already.
https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/erebus-linux-ransomware-impact-to-servers-and-countermeasures
FireEye published anatomy of a cyber extortion scheme executed by FIN10 group. They infiltrate company networks, steal valuable data, then attempt to extort executives and board members of a company.
https://www.hackread.com/wp-content/uploads/2017/06/fin10-cyber-extortionist-canadian-mining-firms-casinos-to-ransom.pdf
https://www.fireeye.com/blog/threat-research/2017/06/fin10-anatomy-of-a-cyber-extortion-operation.html
Researchers changed e-cigarette USB compatible charger for a keyboard emulator, so it can issue commands when connected to the PC.
http://news.sky.com/story/e-cigarettes-can-be-used-to-hack-computers-10908333
Wired has published an article about the malware behind the Ukraine power grid blackout.
https://www.wired.com/story/crash-override-malware/
A lottery computer programmer designed his code so that on three days of the year, he could predict winning numbers in some games.
https://www.bloomberg.com/news/articles/2017-06-12/programmer-pleads-guilty-to-theft-in-lottery-rigging-scandal
Part of the Wikileaks Vault 7 release, Cherry Blossom, exposes CIA wireless hacking toolkit.
[https://wikileaks.org/vault7/#Cherry Blossom](https://wikileaks.org/vault7/#Cherry Blossom)
Cisco Talos has published BASS - Automated Signature Synthesizer for malware detection.
https://github.com/Cisco-Talos/bass
Some (AVG, Avast, Avira, CheckPoint, K7) antivirus software‘s kernel vulnerabilities found by the bee13oy security researcher.
https://github.com/bee13oy/AV_Kernel_Vulns