Friday Five: 12/29 Edition
Catch up on the week's infosec news with this recap!
Wired took a look at the ongoing cryptojacking craze Friday. The technique, which relies on hijacking unsuspecting users' browsers to mine cryptocurrency--usually Monero--has caught on like wildfire over the last several months. The article mostly takes a look at Coinhive, a company that allows organizations to install an in-browser miner to earn money, and the inherent troubles associated with it. The big issue that's unlikely to change is that regardless of what form the threat takes, there's a ubiquitous lack of consent; victims can rarely choose if their machines are co-opted.
Researchers with Barracuda Networks warned of an ongoing scam shortly before Christmas targeting users with printer-scanner devices from HP, Canon, and Epson. According to DarkReading, which recapped the research last Friday, the campaign is leveraging phishing emails laden with malicious PDFs and trying to avoid detection by changing file names. It's a little fascinating really; it's an age-old exploitation technique but still working for some attackers apparently.
Ancestry.com announced that some members of RootsWeb, its genealogical community, may have had their email/usernames and passwords stolen late last week. While users' credit card numbers and social security numbers weren't compromised, information on roughly 300,000 users may have been breached, the company's CISO said in a blog post last weekend. According to SC Magazine's Doug Olenick, who reported on the breach Thursday, it was initially reported by an outside security researcher on December 20, meaning the company worked fairly fast - especially in light of the holiday - to disclose it.
4. Tastylock Cryptomix Ransomware Variant Released by Lawrence Abrams
Just because it's the holidays doesn't mean attackers take a vacation from creating, testing, and releasing new types of malware. Case in point: Tastylock, a new CryptoMix ransomware variant discovered recently by Michael Gillespie. Lawrence Abrams, the ransomware pro behind BleepingComputer, detailed the malware on Thursday. While the encryption methods are the same, this iteration appends .tastylock to the end of files and changes the contact email used to get the victim to pay the ransom.
Becker's Health IT & CIO Review's Jessica Kim Cohen wound down the year last week by recapping nine fines resolving allegations against health systems by the HHS's Office for Civil Rights in 2017. The costliest one, imposed on Florida's Memorial Healthcare System, asked for $5.5M after it was determined unauthorized employees accessed protected health information belonging to 115,143 individuals.