DeathRansom emerges, New MageCart moves, Y2K? Why not, and more.

December 10, 2019

Hi, I’m Paul Torgersen. It’s Wednesday,
November 27th, 2019, and this is a look at the information security news from overnight. From
When it first appeared, ransomware called DeathRansom didn’t encrypt files, only appended
them with a .wctc extension. Remove that and the file was fine. Well, they have learned
how to encrypt and are starting to infect victims. The attack vector is not known, however,
several victims of this strain were also infected with the STOP ransomware which is primarily
spread through adware bundles, so it is possible that is where this nasty comes through as
well. From
A MageCart splinter group dubbed Full(z) House, is using a generic phishing campaign gather
PII and financial information, and a man in the middle attack using their own skimmer
to steal payment card data. They even set up their own marketplaces: BlueMagicStore
for the PII and CardHouse for the payment cards. From
Twitter and Facebook confirmed that some third-party apps were collecting personal information
from people’s accounts without permission. They called out a pair of malicious software
development kits used by the third-party iOS and Android apps to display ads. A developer
called oneAudience had SDKs active on both platforms, and another called MobiBurn was
also active on Facebook. The offending apps have been removed. From
French job-seeking platform Groupe Phosphore has left two databases accessible online without
setting up a password. These were discovered on October 7, but the company was very slow
to respond and did not secure the data until November 20. The databases included business
and personal details of over 27,000 small businesses and nearly 340,000 individuals. And last today from
Splunk users are going to have a Y2K like issue unless they patch before January 1,
2020. It seems that the Splunk platform recognizes a two digit year, and very likely will misinterpret
2020. Get your patch on kids. That’s all for me today. I’m going to
be enjoying some extra time with food and family for Thanksgiving, so until next time,
be safe out there.

You Might Also Like

No Comments

Leave a Reply