10Fold – Security Never Sleeps – 85

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Cybersecurity professionals warn that anyone with a personal email account might want to change their passwords following revelations of a massive cache of stolen usernames and passwords being offered for sale on the Internet. Fiat Chrysler Automobiles Chief Executive Sergio Marchionne said Friday FCA and Alphabet Inc’s Google have yet to determine who will own data collected in their collaboration on testing self-driving vehicles. Hackers caused disruption to a Locky campaign after they breached one of the attackers’ servers and replaced the real ransomware with a harmless file containing the string “Stupid Locky.” For the past five years, a vulnerability in many Android phones has left users’ text messages, call histories, and possibly other sensitive data open to snooping, security researchers said Thursday.

Cyber Experts: Change Passwords After Massive Hack – Publication: NBC News – Reporter name: Tom Costello

The thefts involved some of the biggest email providers in the world such as Google, Yahoo, Hotmail and Microsoft. The bulk of the stolen accounts—some 272.3 million—include Russia’s Mail.ru users, according to Alex Holden, founder and chief information security officer of Hold Security who discovered the theft. “We know he’s a young man in central Russia who collected this information from multiple sources,” Holden told NBC News. “We don’t know the way he did it or the reason why he did it.” The user names and passwords were being offered for sale on the so-called “dark web” where hackers hawk their goods.


Fiat Chrysler CEO: Data ownership unclear in working with Google – Publication: Reuters – Reporter name: Bernie Woodall

Earlier this week, FCA and Google announced that they would align to fit 100 of the Pacifica minivans made at Windsor for Google’s self-driving test fleet. Marchionne said there are many aspects of the project with Google that have yet to be determined, such as whether the two will develop an open-source software platform that could be shared with others. Marchionne said that what has been agreed so far with Google is limited, but he suggested that the alliance could evolve.


Hackers Disrupt Locky Ransomware Campaign – Publication: SecurityWeek – Reporter name: Eduard Kovacs

According to Avira researcher Sven Carlsen, the attack started with a spam email designed to trick recipients into opening an attachment by informing them of an unpaid fine. The attached file is actually a malware downloader configured to fetch the Locky ransomware from a server whose location is determined based on a domain generation algorithm (DGA). The downloader then executes the file. However, in the attack analyzed by Avira, the downloader did not fetch Locky; instead, it downloaded a 12Kb executable containing the message “STUPID LOCKY.” Since the file did not have a valid structure, the downloader failed to execute it, resulting in an error message being displayed.


Critical Qualcomm security bug leaves many phones open to attack – Publication: Ars Technica – Reporter name: Dan Goodin

The flaw, which is most severe in Android versions 4.3 and earlier, allows low-privileged apps to access sensitive data that’s supposed to be off-limits, according to a blog post published by security firm FireEye. Instead, the data is available by invoking permissions that are already requested by millions of apps available in Google Play. Company researchers said the vulnerability can also be exploited by adversaries who gain physical access to an unlocked handset. Indexed as CVE-2016-2060, the bug was first introduced when mobile chipmaker Qualcomm released a set of programming interfaces for a system service known as the “network_manager” and later the “netd” daemon.