InfoSec Week 32, 2017

Posted on 15 August 2017

A lone Nigerian man is responsible for attacks against at least 4000 gas, oil, banking and infrastructure organizations, using phishing and the NetWire trojan for remote access.
https://blog.checkpoint.com/2017/08/15/get-rich-die-trying-case-study-real-identity-behind-wave-cyberattacks-energy-mining-infrastructure-companies/

Alert Logic published a report on cloud security. Public cloud is generally more secure than private and on-premises networks. Attack vectors are the same as for most online applications: mostly SQL injection and remote code execution against web applications.
https://www.alertlogic.com/assets/industry-reports/alertlogic-cloud-security-report-2017.pdf

Oxford University researchers published a so-called intra-library collusion (ILC) attack against Android devices. From the research paper: "(intra-library collusion attack) occurs when a single library embedded in more than one app on a device leverages the combined set of permissions available to it to pilfer sensitive user data".
https://arxiv.org/pdf/1708.03520.pdf
https://nakedsecurity.sophos.com/2017/08/15/how-shared-android-libraries-could-be-weaponized-for-data-theft/

Four remotely exploitable vulnerabilities were identified in Siemens’ Molecular Imaging products running the Microsoft Windows 7 operating system.
https://ics-cert.us-cert.gov/advisories/ICSMA-17-215-02

A recent phishing campaign that is distributing Trickbot is using extremely plausible imitations of financial institutions and government sites.
https://isc.sans.edu/forums/diary/Malspam+pushing+Trickbot+banking+Trojan/22720/

WikiLeaks has published the CIA tool CouchPotato, which allows operators to remotely spy on video streams in real time.
https://wikileaks.org/vault7/#CouchPotato

