Friday Five: 6/03 Edition
It’s Friday! Catch up on the top infosec headlines with our weekly news roundup.
Threat researchers have outlined their findings on a newly discovered malware, Irongate, which targets industrial control systems (ICS). So far, there’s been no sign of any attacks, and Irongate is believed to be in a proof-of-concept phase. The malware, which has some SCADA references in its code, targets a Siemens PLC simulation environment via a man-in-the-middle attack on a specific piece of custom PLC SIM code. Irongate resembles Stuxnet, another ICS/SCADA malware that manipulated industrial processes, and is the first malware discovered post-Stuxnet that attempts to emulate those techniques. Read more about Irongate on Dark Reading.
FACC, an Austrian company manufacturing aircraft parts, revealed in January that it had fallen victim to a huge whaling attack. The CEO had been targeted by a phishing scam and around 40 million euros were lost, leading to a net loss in profit of about 23 million euros for the year. Though the CFO had been let go in February, the company had stated that the attack did not pose an economic threat to the company. However, following the release of the company’s annual financial results, the CEO has now been sacked. For more on the aftermath of FACC’s whaling attack, read the full article.
Myspace is back in the headlines! A set of stolen Myspace credentials has been posted for sale on an online hacker forum. Though the data is several years old, from before the site’s relaunch in 2013, over 360 million accounts have been compromised. Some accounts have a second password, which brings the total to more than 427 million passwords exposed, and for those who reuse the same password, this could pose a threat. This may be the largest data breach of all time, even greater than the U.S. voter database breach last year. Myspace has taken action to notify users, invalidate passwords of affected accounts, and attempt to identify and block suspicious activities. Read the full article for more about this hack.
Following major breaches at banks in SWIFT’s network such as the $81 million Bangladesh Bank heist, SWIFT has committed to improving its security. It will move to: strengthen security requirements for its customers’ software; enhance security baselines and develop audit standards for the management of SWIFT messages at customer sites; and enhance security support by third-party providers. In addition, SWIFT has made moves to utilize two-factor authentication for money transfers. For more on this SWIFT update, read the full article.
For a whopping $90,000, hackers can buy a Windows zero-day vulnerability, which works on Windows systems from Windows 2000 to Windows 10, to gain better access to compromised machines. The seller, going by the name of BuggiCorp, demonstrates the vulnerability through proof-of-concept videos. The vulnerability would allow hackers who have access to enterprise computers through unprivileged accounts to gain god-mode rights, which can be used for such things as stealing credit cards. Though seemingly expensive, 90 grand isn’t much compared to how much organized crime groups can make. Read the full article for more info.