Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.
Big items to consider: A Symantec researcher reports support scams are getting more aggressive as they are now using Nuclear exploit kits to distribute ransomware. The VTech security breach that exposed the data of 6.4 million children is the largest-ever hack targeting kids. The Australian Bureau of Meteorology is refusing to comment on an alleged data breach reported by ABC. Finally, Cisco has fixed a vulnerability in the Android application WebEx Meetings that could potentially allow attackers to hijack its permissions.
Apparently tech support scams never get old. But they have gotten more aggressive, according to a Symantec blog post penned by researcher Deepak Singh. “We’ve recently seen many instances where attackers serve tech support scams and the Nuclear exploit kit almost simultaneously,” Singh wrote. “We found that the scam’s web pages include an iframe redirecting users to a server hosting the Nuclear exploit kit” that takes “advantage of the Adobe Flash Player Unspecified Remote Code Execution Vulnerability (CVE-2015-7645), among other security flaws.” When a user lands on the scam page, the Nuclear EK tries to exploit vulnerabilities on the potential victim’s computer. If successful, the kit then drops either the Trojan.Cryptowall ransomware or the information-stealing Trojan.Miuref.B, Singh said, calling the attack “a serious problem for users” primarily because they’re distracted by the fake warnings while the ransomware is busy at work trying to find and encrypt files.
A cyber attack on digital toymaker VTech exposed the data of 6.4 million children, the company said on Tuesday, in what experts called the largest known hack targeting youngsters. The Hong Kong-based firm said the attack on databases for its Learning Lodge app store and Kid Connect messaging system affected even more kids than the 4.9 million adults that the company disclosed on Friday.
The Australian Bureau of Meteorology (BOM) has asserted that its systems are fully operational and reliable in response to a report by the ABC that the weather bureau had suffered from a large breach. “It could take years and cost hundreds of millions of dollars to fix,” a source told the national broadcaster. The ABC said it was told that the source of the attack was China. In response, the BOM was tight-lipped. “The Bureau does not comment on security matters,” it said. “Like all government agencies, we work closely with the Australian Government security agencies.”
Cisco has fixed a vulnerability in its WebEx Meetings application for Android that allowed potentially rogue applications to hijack its permissions. The issue, which affected all versions of the app older than 8.5.1, stemmed from the way custom application permissions were implemented and assigned at initialization time.