May 5, 2017, by Connor Madsen, Threat Research Analyst

Cyber News Rundown: Edition 5/5/17

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.

Apple Threatens to Remove Uber App

In recent weeks, Apple has threatened to remove Uber from its App Store after a New York Times article revealed the app was tracking iPhones even after it had been uninstalled. Uber’s response was that the tracking was implemented to identify fraudulent trips and ensure untrustworthy users were blocked from the service, though this type of monitoring is expressly forbidden by Apple. While the issue has only been spotted on iOS® devices so far, it’s possible that Android® devices are also being tracked.

List of IoT Medical Devices Grows, Along with the List of Threats

Many of us may remember hearing that internet-connected pacemakers were potentially susceptible to cyberattacks. Now, several imaging sensors, prosthetics, and other connected medical devices, which are either currently available or in production, don’t appear to have proper security precautions. In addition to the possibility that these devices could be accessed remotely, there’s also a chance they could be used to steal any personal medical data they record.

Chipotle Payment Processing Systems Compromised

In the last week, Chipotle’s CFO released a statement about unauthorized activity on their internal payment processing network. While it appears their security measures did stop the attack, the company is working with its payment processor to monitor customer accounts for any suspicious activity over the 3-week period in which the breach occurred.

Mole Ransomware Brings Two Forms of Encryption

As ransomware continues to evolve, the tactics used to ensure a successful attack have improved right along with it. With the Mole variant, criminals use RC4 encryption and RSA for decryption, leaving victims with no way to decrypt their files or even tell them apart. The infection begins by executing a JavaScript file that pretends to be a Flash update, then changes all file extensions to .MOLE. It finishes by scrambling all of the filenames with hexadecimal values.

FalseGuide Android Malware Reaches 2 Million Victims

In a recent study, researchers discovered the prevalent Android malware FalseGuide has affected over 2 million individual devices. The malware proliferates by disguising itself as game guides for dozens of popular mobile games, and, after being installed, requests admin privileges to remove any options for the user to delete the app. After gaining admin access, the malware registers itself on a cloud messaging service to receive remote commands.
