State Governments Warned of Malware-Laden CDs Sent Via Snail Mail from China

Brian Krebs is a well-known computer security expert who often writes about security issues in his excellent online column. He recently wrote about a CD-ROM being sent to various U.S. state and local government agencies. The CD reportedly contains several very vicious viruses and other malware (malevolent software) products. The CDs were sent by old-fashioned snail mail from a return address in China.

If you ever receive a CD-ROM disk from China, read Krebs’ article at http://bit.ly/2Oo36fC before inserting the disk into your computer!

Krebs’ article brings two thoughts to mind:


Hackers are Selling Backdoors into Windows PCs for just $10

If you use Windows, you want to know about this problem that apparently has been around for some time. Cyber criminals are offering remote access to IT systems for just $10 via a dark web hacking store — potentially enabling attackers to steal information, disrupt systems, deploy ransomware and more. Some of the products sold for $10 allow access to tens of thousands of compromised systems.

Systems advertised for sale on the forum range from Windows XP through to Windows 10, with access to Windows 2008 and 2012 Server most common.

Details may be found in an article by Danny Palmer in the ZDNet web site at: https://tinyurl.com/y7xuxp8d.

If You are Using the Stylish Web Browser Extension, Your Private Information is being Collected and Used for Unknown Purposes

Google and Mozilla have ejected the popular Stylish extension from their respective catalogs following a complaint that it collects data about website visits in a way that could be used to identify users.

Software engineer Robert Heaton first identified the security issue and warned, “the Stylish browser extension steals all your internet history” and collects enough information to identify individuals from historical web usage.

Details may be found in an article by Liam Tung in the ZDNet web site at: https://zd.net/2KMinYI.

Every Android Device Launched Since 2012 may be Impacted by a RAMpage Vulnerability

Do you have an Android cell phone, tablet, walkie-talkie, or other mobile device? Assuming it was introduced in 2012 or later, it contains a major security bug. The vulnerability, tracked as CVE-2018-9442, is a variation of the Rowhammer attack, a hardware bug in modern memory cards.

While the problem is significant, there is no evidence that hackers have ever used it for malicious purposes. Security researchers found the weakness and developed test software to prove that it is a problem. A team of eight academics from three universities and two private companies revealed a new Rowhammer-like attack on Android devices named RAMpage. However, the academics do not know of any Rowhammer attacks in the wild.

The research team also believes RAMpage may affect Apple devices, home computers, or even cloud servers.

You can read more in an article by Catalin Cimpanu in the Bleeping Computer web site at: https://tinyurl.com/y8e7n9k2.

Free Decryption Tool Released for Destructive File-Locking Thanatos Ransomware

Victims of a destructive form of ransomware, which fails to unlock files even if the ransom is paid, can now retrieve their files for free with a new file decryptor released by security researchers.

Thanatos ransomware first started targeting Windows systems in February and multiple versions of it have been released in the months since, indicating that those behind it remain an active threat.

Details may be found in an article by Danny Palmer in the ZDNet web site at https://tinyurl.com/yarbcmhg.

This new Windows Malware wants to Add your PC to a Botnet – or Worse

If you use Windows, you need to read an article by Danny Palmer in the ZDNet web site at https://zd.net/2yslXCr. It says:

A new malware campaign is roping systems into a botnet and providing the attackers with complete control over infected victims, plus the ability to deliver additional payloads, putting the victims’ devices at risk of Trojans, keyloggers, DDoS attacks and other malicious schemes.

The malware comes equipped with three different layers of evasion techniques which have been described by the researchers at Deep Instinct who uncovered the malware as complex, rare and “never seen in the wild before”.

Again, the full article is available at: https://zd.net/2yslXCr.

Skygofree: a Not-So-New Malware that Infects Android Devices

Skygofree apparently has been around for a while but was a minor problem until recently. Now it is infecting more and more Android cell phones and tablet computers. The malware (malevolent software) has the ability to grab call records, text messages, geolocation, surrounding audio, calendar events, and other memory information stored on the device.

After manual launch, it shows a fake welcome notification to the user:

Dear Customer, we’re updating your configuration and it will be ready as soon as possible.

Then it steals your information and sends it to a server in an overseas location.

You can read the details in the SecureList web site at: https://securelist.com/skygofree-following-in-the-footsteps-of-hackingteam/83603/