Risk Radar Free Cyber Newsletter – Aug 30, 2016

Apple Spears Trident Zero-Days with Security Update
Apple has released an out-of-band patch for the Trident zero-day exploits. According to Lookout, the Trident exploits have been used in the wild for a significant amount of time. The attacks appear to be highly targeted and lean toward high-level corporate espionage. If you have not updated your iOS devices, you should do so soon.

It appears a hacking group is selling iPhone exploits to governments, and the Trident exploits are thought to come from this group.

Fantom Ransomware Encrypts your Files while pretending to be Windows Update
A new ransomware strain encrypts your files while you watch, disguising itself as a critical Windows update. It puts up a blue Windows Update screen that puts the user at ease while the files are encrypted. There is some good news in the battle with ransomware: Wildfire ransomware now has a decryption tool.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

RIPPER ATM Malware Uses Malicious EMV Chip
A new ATM malware is being used to attack ATMs in Thailand. A malicious EMV chip in the ATM card is used to open a backdoor into the ATM, and then the RIPPER malware is installed onto the ATM. At this point, the attackers can force the ATM to dispense money.

Pacemaker Hacking Fears Rise With Critical Research Report
A current group of pacemakers, defibrillators and other devices from a manufacturer is substantially more open to attack. The security researchers cite multiple major security flaws that make these devices open to potentially catastrophic attacks. The medical vendor has not made a full response at this time.

Trust exercise: Symantec’s new website security expert is reaching out to hacker community
The senior director of engineering of Symantec’s Website Security team is reaching out to independent hackers. The goal is to get up to speed on crazy and interesting research that is not coming up in corporate research. The pros and cons of this approach are discussed in the article.

I’m being asked to create a new password on—why, and what should I do?
Dropbox is asking users who have not changed their passwords since 2012 to create a new one. The password change follows Dropbox's discovery of an old set of user data from 2012; the company has not seen account attacks at this point. The password change and the request to set up 2-factor authentication are a precaution at this time.