Inside | Real news, curated by real humans
Inside Security

Inside Security (May 14th, 2018)

Hackers targeted the Danish national train system over the weekend, according to this report. It was a DDoS attack, and customers couldn’t use the online ticketing service during the incident. Also, the restaurant chain Chili’s was breached, and its notification is here about the incident, which happened in March and April. Credit card data may have been stolen. While disclosing quickly, the chain didn’t say which stores or how many customer records might have been compromised.  The beat goes on….

-- David Strom, editor of Inside Security

  • Email gray
  • Permalink gray

Last week, the Talos Security group published a detailed analysis paper on wiper-based malware, which includes ransomware and other attacks that destroy your files. Some wipers destroy the system code but not your data, others target just data. The report shows the composition of the malware payload, how it moves about your network, and shows some sample timelines of previous attacks. Well worth reading.

  • Email gray
  • Permalink gray

Security researchers are reporting that seven malicious Android apps they have detected and reported to Google the first time, have slipped back into the Play Store after changing their names. All of these apps have built-in wait times of four hours before undertaking their actual malware purposes and use another app as launcher icon to better hide from detection. -- SYMANTEC

  • Email gray
  • Permalink gray

Facebook says it has suspended around 200 apps for potentially misusing people’s data, following an audit that was prompted by the Cambridge Analytica scandal. The social networking company will examine these apps further to determine if any data misuse was done and then they will be either reinstated or banned. – FACEBOOK NEWS

  • Email gray
  • Permalink gray

Midmarket IT solutions provider Presidio has acquired Red Sky Solutions for $40.8M in cash and stock. Presidio CEO is Bob Cagnazzi.

SafeBreach announced a $15 M series B round led by Draper Nexus. The Silicon Valley-based firm sells hacking simulation tools and its CEO is Guy Bejerano.

PhishLabs has raised a $20.5M round and has acquired its Canadian competitor BrandProtect. It is based in Charleston, SC and its CEO is Tony Prince.

Protego has raised a $2M seed round from Ron Gula and other investors. The Baltimore-based startup is putting together a security tool for serverless networks. Tsion Gonen is its CEO.

ERP Maestro has raised a $12M funding round, led by Aspen Capital. The Weston, Florida-based firm sells SAP-based access controls and its CEO is Jody Paterson.

Red Points has raised a $12M B funding round led by Eight Roads Ventures. It is based in Barcelona and sells machine-learning network protection tool. Its CEO is Laura Urquitzu.

  • Email gray
  • Permalink gray

A new malware campaign is infecting users through the Google Chrome store (since removed) with an extension called Niglethorn. It can use a fake YouTube page to play a video.  It runs on both Windows and Linux Chrome browsers and bypasses Google security checks. About 25,000 end users have been infected so far, and the malware is spread through Facebook networks. It steals data and sets up cryptominers. – RADWARE BLOG

  • Email gray
  • Permalink gray

The Zeus banking Trojan Panda is back and still primarily focused on financial services organizations. The campaigns are after Facebook and Twitter users and have control servers based in Russia and China. – F5 BLOG

  • Email gray
  • Permalink gray

Scammers designed a phishing website and encrypted it with AES in their attempts to steal unsuspecting users’ Apple IDs. The phish is designed to mimic Apple notifications, requiring victims to update their payment data. When you click on the “unlock account now” link as shown, you are directed to a page to collect your private data.  – TREND MICRO BLOG

  • Email gray
  • Permalink gray

Security researchers have discovered a severe vulnerability in the popular end-to-end encrypted Signal messaging app for Windows and Linux desktops. The bug could allow remote attackers to execute malicious code on recipients system just by sending a message—without requiring any user interaction. It has been fixed with this update and users are urged to download the new code. Alfredo Ortega announced a proof-of-concept last week. – THE HACKER NEWS

  • Email gray
  • Permalink gray

James Robinson, 32, is an Akron man who was arrested and charged in federal court for launching denial of service attacks that shut down websites for the city of Akron and the Akron Police Department. The attacks happened last August and shuttered sites for a week. – FBI WEBSITE

  • Email gray
  • Permalink gray

A low-volume data-stealing campaign named Vegas Stealer has the potential to get much bigger, according to researchers. It has begun targeting retail and manufacturing companies and tries to obtain credit card data and other private information. – PROOFPOINT BLOG

  • Email gray
  • Permalink gray

Yes, very true: 50 NERDS of GREY @ TWITTER

  • Email gray
  • Permalink gray

Subscribe to Inside Security

MORE NEWSLETTERS

Fascinating, curious and amazing journalism, all in one link.

ReadThisThing

Fascinating, curious and amazing journalism, all in one link.

DAILY
Fascinating, curious and amazing journalism, all in one link.

ReadThisThing

DAILY

SUBSCRIBED!

Share via

News, people, culture, events and the trends shaping the Bay area

Inside San Francisco

News, people, culture, events and the trends shaping the Bay area

DAILY
News, people, culture, events and the trends shaping the Bay area

Inside San Francisco

DAILY

SUBSCRIBED!

Share via

For those in the business of buying, selling, and developing real estate.

Inside Real Estate

For those in the business of buying, selling, and developing real estate.

TWICE WEEKLY
For those in the business of buying, selling, and developing real estate.

Inside Real Estate

TWICE WEEKLY

SUBSCRIBED!

Share via

Electric vehicles, self-driving automobiles, smart cars and the world of 21st century transportation

Inside Automotive

Electric vehicles, self-driving automobiles, smart cars and the world of 21st century transportation

TWICE WEEKLY
Electric vehicles, self-driving automobiles, smart cars and the world of 21st century transportation

Inside Automotive

TWICE WEEKLY

SUBSCRIBED!

Share via