Friday Five: 3/10 Edition
It's Friday! Catch up on the latest infosec headlines with our weekly news roundup.
1. C.I.A. Scrambles to Contain Damage From WikiLeaks Documents by Matthew Rosenberg, Scott Shane, & Adam Goldman
Earlier this week, WikiLeaks released thousands of pages of software tools and techniques used by the CIA to hack into smartphones, computers and internet-connected TVs. Both WikiLeaks and investigators say the perpetrator was a disaffected insider and not a foreign state. Though the CIA has refused to admit the authenticity of the leaked documents, it has moved quickly to defend itself, especially since the agency is legally prohibited from spying on individuals in the US. The documents contained 7,818 web pages and 943 attachments, many which describe ways to hack devices using vulnerabilities. WikiLeaks founder Julian Assange has said that WikiLeaks will share information with tech companies on those product vulnerabilities, so that they can patch them more efficiently. For more info, read the full article.
River City Media (RCM) a well-known spamming operation failed to properly configure their Rsync backups and exposed their entire operations. The security researcher who discovered the breach found Hipchat logs, domain registration records, accounting details, infrastructure planning, and business affiliations. He also uncovered over a billion email accounts that will receive spam. Some of those email accounts are even associated with physical and IP addresses. In order to avoid anti-spam measures, RCM used warm-up email accounts to collect other emails via co-registration, where a person who signed up for something online has their address shared with a third-party. Read the full article on CSO for an in-depth overview of RCM’s operations.
At some point in time, you’ve probably received a phishing email from a Nigerian prince promising you a cut of millions from his fortune if you help move his money. Well these West African phishers have made over $3 billion in 3 years via the malware hidden in these email attachments. They’ve also begin using business email compromise (BEC) schemes in which the attacker sends authentic-looking invoices or internal memos to businesses and trick employees into paying them money. The emails may also contain malware that infect work computers, eventually allowing the attackers to gain access to bank accounts. Victims include a Texan company which lost $3.2 million and FACC, an Austrian engineering company, which lost over $54 million. Some of these scammers are of the younger crowd who like to flaunt their wealth, but the more dangerous are the next-level cybercriminals who run entire money-laundering operations and work with relatives in other countries to ease the scamming process. Head over to The Register for the full story.
Whistleblowers have come forward stating that they were among hundreds of staff hired to scam TalkTalk customers. They were employed by front-companies set up by professional scammers. As many as 60 employees worked in shifts in each office, pretending to be calling from TalkTalk and trying to gain access to their bank accounts. TalkTalk has faced many security problems over the past few years. Not only were they hacked in October 2015 but there were also three Wipro employees who were arrested for possibly selling customer data. TalkTalk has launched a Beat The Scammers campaign to help their customers stay safe from scammers and phishing attacks. Read the full article on BBC.
As a result of the breach in 2014, which was one of the biggest in history, Home Depot has agreed to pay dozens of banks $25 million in a settlement which also requires the company to tighten its cybersecurity practices and place more scrutiny on its vendors. This is in addition to over $150 million Home Depot has paid in compensation to consortiums as well as customers and doesn’t include the addition of legal fees and other undisclosed payouts that may occur. Home Depot’s data breach shows the importance of POS Security and how payment-related breaches hold companies liable to not only consumers but also financial institutions. Read the full article for more info.