Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.
Big items to consider: Anonymous reveled it has been targeting ISIS extremist since the Charlie Hebo attack, they plan to continue to hack the extremist group and provide the information they find to the collective intelligence agencies. The FBI has now released the ten most wanted fugitives in the cyber arena, they are even offering up to $3m for information on the cybercriminals. As the holiday’s approach, new POS malware is emerging, 15 unique families and 70 individual variants have been identifies so far. Reports if police body cams being shipped out with old-school virus’ already preloaded on the device raise yet another concern about the growth of the Internet of Things and how easily almost anything can be infected
The Anonymous hacker group has taken to YouTube to launch an online attack on ISIS and its supporters. Under the banner #OpParis, the group’s released a video on YouTube in which it threatens to hack into ISIS websites to steal and leak information about supporters’ plans. Members say they’ve already taken thousands of pro-ISIS Twitter accounts offline – in some cases even managing to capture geo-locations and pass them on to security agencies in the US and Europe. They also claim to have taken more than a hundred ISIS-affiliated websites offline.
The American public is largely unaware that the FBI also publishes a list of its Cyber’s Most Wanted. These cyber offenders purportedly committed electronic crimes including computer hacking, bank fraud, identity theft, and others, which have caused massive data breaches and damages to U.S. businesses, government agencies, and citizens. The FBI and The United States Department of State’s Transnational Organized Crime Rewards Program is offering large rewards for information leading to the arrest and/or conviction of its most wanted cyber criminals.
Trustwave, the security firm that first publicly identified the Backoff POS malware that affected more than 1,000 U.S business in 2014, is now warning about the Cherry Picker POS malware. Cherry Picker is unrelated to the Backoff malware family and could well be older than Backoff, according to Eric Merritt, security researcher, Trustwave SpiderLabs. He noted that the initial reporting on Cherry Picker was done several years ago.
Suggestions that police body cams have shipped with Conficker malware shows how careful device manufacturers must be, especially given the growth in the Internet of Things. The virus, classified as a worm virus, immediately started to attempt to spread to other machines on the iPower lab network, and also attempted several phone home calls to internet sites.