Risk Radar Free Cyber Newsletter – Oct 04, 2016

Researchers Break MarsJoke Ransomware Encryption
The battle between white hats and black hats continues. Researchers at Kaspersky Lab have decrypted files encrypted by the MarsJoke ransomware. A weak random number generator made the decryption fairly easy. I have no doubt the MarsJoke people are working on this for the next version of MarsJoke.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

OpenJPEG Flaw Allows Code Execution via Malicious Image Files
A vulnerability in OpenJPEG allows code execution via a crafted JPEG2000 file. This is a serious issue because several popular PDF readers use OpenJPEG. OpenJPEG developers have patched this vulnerability in version 2.1.2.

Amazon Implements Password Reset after Credentials Leaked Online
Amazon discovered a leaked list of addresses and passwords online. If you have received a password reset email from Amazon, this may be why. Amazon is recommending that users don’t reuse passwords when they reset their password. They are also recommending that customers set up two-factor verification.

The Internet Finally Belongs to Everyone
The US no longer has total control over the internet address book. This control has been handed over to the Internet Corporation for Assigned Names and Numbers (ICANN). The article does a good job of covering the changes and the potential issues arising from this change.

Backdoored D-Link Router Should be Trashed, Researcher Says
If you have a D-Link DWR-932B router, you may want to think about replacing it. A researcher has discovered numerous bugs and backdoors in the router, and it is unclear at this time whether D-Link will fix them. With IoT devices being targeted for use in DDoS attacks and used as pivot points in network attacks, you don’t want a vulnerable router on your network.

Vulnerabilities in Insulin Pumps Can Lead to Overdose
An interesting vulnerability has been found in an insulin pump; it could lead to an overdose of insulin. The manufacturer and the researcher both say the likelihood of this exploit being used in an attack is relatively low. Issues like this raise questions about FDA oversight of the security of devices like this.