10Fold – Security Never Sleeps – 93

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Hackers appear to have made off with the equivalent of $2 million in digital currencies from Gatecoin, according to a notice posted on the exchange’s website. The cyberattack that knocked hundreds of school networks offline in Japan last week had at least one novel feature: It was allegedly instigated by a student. DMA Locker fixes known flaws and adopts new exploit kit-based distribution model.

Hackers Steal $2 Million From Bitcoin Exchange In Hong Kong, Bounty Offered To Recover Funds – Publication: Forbes – Reporter name: Robert Olson

Gatecoin is an exchange and trading platform for a range of digital currencies. It was cofounded in July 2013 by Menant, a former investment banker with Societe Generale, J.P. Morgan and BNP Paribas. Menant is also a founding member of the Bitcoin Association of Hong Kong, which seeks to foster and promote Bitcoin and its technology. “Criminals understand cryptocurrency better than almost anyone, which probably helps explain some of their success in this area,” Bryce Boland, Chief Technology Officer for Asia Pacific at FireEye, said in an e-mail. “Unfortunately we’re going to see many more of these incidents before things get better.”


Who’s hacking schools now? The students – Publication: CNBC – Reporter name: Harriet Taylor

In the U.S., Rutgers, Arizona State University and the University of Georgia have had denial-of-service attacks in the past year. These attacks are often so effective that they completely overwhelm networks and prevent students, teachers and administrators from being able to log on. This wreaks havoc on large administrations and results in delays, for example, in class registration and final exams.


New DMA Locker ransomware is ramping up for widespread attacks – Publication: CSO – Reporter name: Lucian Constantin

Previous DMA Locker versions did not use a command-and-control server so the RSA private key was either stored locally on the computer and could be recovered by reverse-engineering, or the same public-private key pair was used for an entire campaign. This meant that if someone paid for the private RSA key, that same key would work on multiple computers and could be shared with other victims.


4 Ways to Protect Against the Very Real Threat of Ransomware – Publication: Wired – Reporter name: Kim Zetter

Any company or organization that depends on daily access to critical data—and can’t afford to lose access to it during the time it would take to respond to an attack—should be most worried about ransomware. That means banks, hospitals, Congress, police departments, and airlines and airports should all be on guard. But any large corporation or government agency is also at risk, including critical infrastructure, to a degree. Ransomware, for example, could affect the Windows systems that power and water plants use to monitor and configure operations, says Robert M. Lee, CEO at critical infrastructure security firm Dragos Security. The slightly relieving news is that ransomware, or at least the variants we know about to date, wouldn’t be able to infect the industrial control systems that actually run critical operations.