10Fold – Security Never Sleeps – 6

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Starwood Hotels reports a data breach in some of its hotel’s point-of-sale system that left customer payment information exposed. LinkedIn has patched a persistent XSS vulnerability found by researcher Rohit Dua. Google’s VirusTotal will now begin to offer apple malware scanning sandbox to mitigate the rise of OS X-based malware. PandaLabs reports Q3 2015 saw an average of 230,000 new malware samples every day. The Clearswift Insider Threat Index survey finds 78% of this year’s breaches originated from an internal threat.

Starwood Hotels Says Point-of-Sale Systems Infected With Malware – Publication: Reuters – Reporter name: Ankit Ajmera

Starwood Hotels & Resorts Worldwide Inc said the point-of-sale systems at some hotels in North America were infected with malware, enabling unauthorized parties to access payment card data of some customers. The company said an investigation showed no indications that guest reservation or customer information, such as contact information or PINs, were affected.


LinkedIn Patches Serious Persistent XSS Vulnerability – Publication: ZDNet – Reporter name: Charlie Osborne

A persistent cross-site scripting (XSS) vulnerability impacting recruitment network LinkedIn has been fixed within hours of being reported. India-based security researcher Rohit Dua discovered the website’s vulnerability and disclosed the flaw Wednesday on Full Disclosure. The persistent XSS security flaw, dubbed a “more devastating variant” of a cross-site scripting flaw as malicious data provided by an attacker is saved by the server and permanently displayed on Web pages accessed by normal users of the website, impacted LinkedIn’s help forums.


Google’s VirusTotal Now Analyzes Mac Malware In Sandbox Playground – Publication: ZDNet – Reporter name: Charlie Osborne

Apple’s OS X-based malware is on the rise, and so Google-owned VirusTotal is adding support for malware detection in files used by this operating system. The service, acquired by Google in 2012, offers free utilities for researchers — and black hat malware creators — to test files and URLs for suspicious code. VirusTotal detects malicious code ranging from Trojans to worms and viruses, supporting the submission of approximately 1,500,000 files in November alone. On Tuesday, Karl Hiramoto, Technical Solutions Consultant at VirusTotal, said in a blog post that Mach-O executables, DMG files or ZIP files containing a Mac app can now be scanned for malicious code in the VirusTotal sandbox environment.


Q3 Sees 21 Million New Malware Samples – Publication: Info Security – Reporter name: Phil Muncaster

July to September saw 21 million new threats emerge globally, bucking the usual trend in summer of a slowdown in activity, according to Panda Security. The Spanish-headquartered firm’s PandaLabs report for Q3 2015 claimed a whopping 230,000 new malware samples were seen every day on average during the period. Trojans were by far the most common, accounting for 69% of all malware. Traditional viruses were the next most common, accounting for 11%, followed by worms (6%), and adware/spyware (5%). In the third quarter trojans were even more prolific, accounting for nearly 78% of all malware.


Report: Insider Threat More Dangerous Than External Risks – Publication: SC Magazine – Reporter name: Greg Masters

The annual Clearswift Insider Threat Index (CITI), which surveyed more than 500 IT decision-makers and 4,000 employees across the U.S., U.K., Germany and Australia, examines the risks insiders pose to their organizations and why firms have been slow to address internal security threats. The consequence is that over the last year, 78 percent of breaches have originated from within the extended enterprise (including contractors and ex-employees), the report found.