Risk Radar Free Cyber Newsletter – May 17, 2016

Latest Petya Ransomware Strain Comes with a Failsafe: Mischa
Petya ransomware needs admin privileges to install; if it does not get them, it does not install. The hackers behind Petya have now bundled a second ransomware, Mischa, that installs when Petya does not get admin privileges. A decrypter for Mischa is not available at this time, which is why you need an intrusion plan in place before an infection happens.
Adobe Patches Yet Another Flash Zero Day
Adobe has released another zero-day patch for Flash on Windows, Mac, Linux, and Chrome OS. This is an out-of-band patch from Adobe. With Adobe Flash vulnerabilities being used by exploit kits like Angler and others, there is a call for IT managers to ban Flash from enterprise networks. Microsoft also has a zero day that is being patched in the most recent Patch Tuesday. FireEye has named the zero day PunchBuggy, a dynamic link library (DLL) based attack.
Second bank hit with SWIFT-based hack, experts say patches failed
A second bank has been attacked through the SWIFT system. This new attack enabled the hackers to remove signs of the fraudulent transfers. The article goes over the parts of SWIFT that need to be upgraded or changed to minimize these attacks.
Attackers Targeting Critical SAP Flaw Since 2013
Attacks on companies using SAP business applications have been carried out from 2013 until now. Attackers use the Invoker Servlet (part of the J2EE specification) to exploit business systems. Because the Invoker Servlet has valid uses for customers, SAP is working on ways to secure it. Applications in SAP are very customizable, which makes them harder to secure.
Crooks Go Deep With ‘Deep Insert’ Skimmers
Brian Krebs takes a look at a new skimmer attack. Deep insert skimmers are placed inside the card reader slot, and current anti-skimming solutions are not detecting them. The article goes into some interesting detail on deep insert skimmers.
Advance Disclosure Needed to Keep Users Secure
Mozilla has filed a brief in a case involving the Tor Browser, which is partially built on Firefox code. The judge has ordered the government to disclose the vulnerability in the Tor Browser to the defense team. Mozilla wants to receive the vulnerability as well, so it can fix the issue before the vulnerability is released to the defense team. It will be interesting to see what happens in this case with regard to Mozilla's request.