UA-72240440-1

Risk Radar Free Cyber Newsletter – Aug 02, 2016

Date: August 10, 2016
Author: MRPE
Comments: 0 Comments
Categories: eCrime, Incident Response, Malware Threats, Mobile Security, Risk Radar FREE Newsletter, Security/Vulnerability Assessments

Keys to Chimera ransomware leaked
Ransomware competition between two developers has ended up helping victims affected with Chimera ransomware. The author of Petya has apparently leaked the decryption key for Chimera ransomware. The keys are being verified and work on a decryptor has started, the decyptor could take some time to finish.
Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.
New attack bypasses HTTPS protection on Macs, Windows, and Linux
A new man-in-the-middle attack leverages Web Proxy Autodiscovery (WPAD), the attack works on all major OS’s. This attack allows the attacker to work around the HTTPS encryption that web traffic depends on. A straight forward fix in the OS or browser is not available at this point.
Russian Hackers May Have Hit the Dems’ Donor Site Too
The FBI has found a cyber-attack on the Democratic Congress Campaign Committee (DCCC). US government thinks the attack could be tied to Russia. The attack has similarities with the DNC attack, which has been attributed to Russian government linked hackers. Some are wondering if the attacks are motivated to influence the US Presidential Election. The White House has enhanced their cyber threat response action plan.
LastPass Security Updates
LastPass has been in the news for two security issues lately, they give an update in this post.  The security issues have been addressed, LastPass also includes some guidelines to keeping your passwords safe. This is a good example of responsible disclosure of security exploits by researchers working with a receptive company fixing security issues.
Protecting Android with more Linux kernel defenses
It is good to know Google is taking Android security seriously, this security blog covers the defenses utilized in the Linux kernel. The article covers defenses that are already implemented and defenses being worked on for future OS releases. This is a good thing as a new Trojan attack could be hitting Android soon.
WhatsApp Forensic Artifacts: Chats Aren’t Being Deleted
It appears that the chats in WhatsApp are not being deleted. The article covers the issues and gives some possible fixes to the problem.

One of the more robust encrypted messages solutions is Signal. Wired has an interesting interview with Moxie Marlinspike, the creator of Signal. Signal technology will be used in Facebook Messengers encrypted messaging.