Risk Radar Free Cyber Newsletter – Apr. 19, 2016

Out-of-date apps put 3 million servers at risk of crypto ransomware infections
Ransomware is taking advantage of out-of-date software on millions of internet-accessible servers, leaving them at risk of infection. The Red Hat JBoss application is a big target right now. Cisco researchers have found evidence of compromised servers belonging to schools, governments, aviation companies, and other organizations.
US-CERT to Windows Users: Dump Apple QuickTime
Apple is no longer providing security updates for QuickTime on Windows. The US Computer Emergency Readiness Team (US-CERT) is recommending that Windows users uninstall QuickTime right now.
Badlock Vulnerability Falls Flat Against Its Hype
Badlock has turned out not to be the monster it was thought to be. The supposed remote code execution monster turned out to be a man-in-the-middle/denial-of-service bug. One of the risks of overhyping bugs like this is that truly important vulnerabilities that need to be patched may be ignored.
Mac Users Attacked Again by Fake Adobe Flash Update
Mac users who still have Flash installed should watch out for Adobe Flash update prompts. It is best to get Adobe Flash updates from the Adobe website. A legitimate Developer ID certificate is used to get around OS X’s Gatekeeper security. Mac users may want to consider uninstalling Flash if they can get by without it.
Qihoo 360: Just the Tip of the Whitelisted Malware Iceberg
Whitelisting can be a successful way of keeping malware out of your systems. But what happens if malware gets whitelisted? The article breaks down how a bribed employee of a Chinese gaming company was able to get malware whitelisted (by an AV company) along with the gaming company’s legitimate apps. Once the attackers had their malware whitelisted by the AV company, they were able to get into Chinese app stores and run wild.
Users Really Do Plug in USB Drives They Find
In a test on a large university campus, 297 USB drives were dropped around the campus. A large percentage of the USB drives were plugged into the university computers. One of the main reasons people plugged in the drives was to find out who the drive belonged to. Non-technical attacks like this and other social networking attacks continue to be an effective attack vector.