Facebook was found to have been scraping call and text-message data from Android phones for years. To read more: https://arstechnica.com/information-technology/2018/03/facebook-scraped-call-text-message-data-for-years-from-android-phones/
Boeing
Boeing is the latest victim of the WannaCry ransomware attack. To read more: http://www.zdnet.com/article/boeing-confirms-malware-attack-downplays-production-impact/
Baltimore 911
Unknown hackers temporarily caused a shutdown of Baltimore’s automated emergency-dispatch system. Following the breach, the dispatchers faced 17 hours of disruption. To read more: http://www.zdnet.com/article/cyberattack-disrupted-baltimore-emergency-responders/
Under Armour
Under Armour announced that a security breach affected 150 million users of the food app MyFitnessPal. The hackers stole usernames, email addresses and hashed passwords. To read more: https://www.cnbc.com/2018/03/29/under-armour-stock-falls-after-company-admits-data-breach.html
Saks, Lord & Taylor
Hudson’s Bay Company was hit by a security breach that compromised payment-card data at its Saks and Lord & Taylor stores in North America. To read more: https://www.reuters.com/article/us-hudson-s-bay-databreach/saks-lord-taylor-hit-by-payment-card-data-breach-idUSKCN1H81E8
AVCrypt ransomware
A new type of ransomware, AVCrypt, tries to remove existing antivirus products from a victim’s PC before encrypting the compromised computer. It also deletes a selection of Windows services. To read more: http://www.zdnet.com/article/avcrypt-ransomware-attempts-to-eradicate-your-antivirus/
GoScanSSH malware
A new malware family known as GoScanSSH targets public-facing SSH servers, but avoids those linked to government and military IP addresses. The malware is written in Go and tailors binaries for each target. To read more: https://threatpost.com/goscanssh-malware-targets-ssh-servers-but-avoids-military-and-gov-systems/130812/
Sanny Malware
This malware, which has been active since 2012 and delivers its payload via compromised Word documents, has been made significantly more effective and sophisticated. It now uses a multi-stage approach that, among other things, enables it to infect Windows 10. To read more: https://threatpost.com/sanny-malware-updates-delivery-method/130803/
Coinhive
Multiple security firms have identified Coinhive, the cryptocurrency mining server, as the top malicious threat to Web users. To read more: https://krebsonsecurity.com/2018/03/who-and-what-is-coinhive/
Branch predictors
A processor’s branch predictor is one core piece of speculative execution machinery. Researchers from a variety of universities have uncovered an attack, similar to Spectre, that uses this feature to leak sensitive information and undermine security. To read more: https://arstechnica.com/gadgets/2018/03/its-not-just-spectre-researchers-reveal-more-branch-prediction-attacks/?amp=1
Drupal
Anyone running a website built with Drupal needs to patch immediately. There is a remote code-execution vulnerability in multiple subsystems of Drupal’s content-management system software. To read more: https://www.theregister.co.uk/2018/03/28/drupal_urgent_security_software_patch/
Cisco
Cisco has released patches for 34 vulnerabilities affecting IOS and IOS XE networking software. The most serious flaw could enable a remote unauthenticated hacker to exploit the client and reload an affected device to cause a DoS. To read more: http://www.zdnet.com/article/cisco-critical-flaw-at-least-8-5-million-switches-open-to-attack-so-patch-now/
Fauxpersky
A newly discovered keylogger malware called Fauxpersky is infecting computers in the wild. The malware impersonates the antivirus software Kaspersky and is built off AutoHotKey, which lets users write small scripts for automating tasks. To read more: http://www.zdnet.com/article/fauxpersky-malware-steals-sends-passwords-google-forms/