Shellshock Phishing Attacks, Windows Zero-Day Vulnerability, Dropbox Hack and More | TWIC – October 17, 2014
Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).
- As Expected, Shellshock is Being Used for Phishing Attacks (PhishLabs)
Via Lancope, a botnet built by exploiting the Shellshock vulnerability is being used for phishing attacks: The bots reported over 100,000 phishing emails sent. The emails attempted to phish Spanish-speaking Citibank users.
- Microsoft Windows Zero-Day Vulnerability “CVE-2014-4114” Used to Hack NATO (TheHackerNews)
Once again a Russian cyber espionage group (Sandworm team) has gained media attention by exploiting a Zero-day vulnerability in Microsoft’s Windows operating system to spy on the North Atlantic Treaty Organization (NATO), Ukrainian and Polish government agencies, and a variety of sensitive European industries over the last year.
- There Is a New Security Vulnerability Named POODLE, and It Is Not Cute (Wired)
On a day when system administrators were already taxed addressing several security updates released by Microsoft, Oracle, and Adobe, there is now word of a new security hole discovered in a basic protocol used for encrypting web traffic. Its name is POODLE, which stands for Padding Oracle on Downgraded Legacy Encryption.
- Malware Based Credit Card Breach at Kmart (KrebsOnSecurity)
Sears Holding Co. said it recently discovered that point-of-sale registers at its Kmart stores were compromised by malicious software that stole customer credit and debit card information. The company says it has removed the malware from store registers and contained the breach, but that the investigation is ongoing.
- Hundreds Of DropBox Logins For Sale On Pastebin (Dark Reading)
Hundreds of Dropbox user login credentials were posted on Pastebin yesterday by a user who claimed to have 7 million more username-password combinations at the ready. The credential trader said they would release more logins if they received enough “support,” in the form of Bitcoin donations.
- Snapchat Images Flood the Internet after SnapSaved.com Hack (NakedSecurity)
Hundreds of thousands of supposedly self-destructing Snapchat snaps have been apparently jimmied out of the database for SnapSaved.com, a third-party website not affiliated with Snapchat that allows users to save unopened photos from Snapchat without the sender knowing the images have been saved.