Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.
Big items to consider: The latest data breach hit British pub group Wetherspoon, potentially affecting around 650,000 people. Microsoft claimed a victory over the Dorkbot botnet with assistance from the DHS and FBI. Australia is now set to have a working data-breach notification scheme some time in 2017. New ransomware is hitting Windows users through the exploit kit called Angler.
The old website of British pub group JD Wetherspoon has been hacked, the company said on Friday, potentially affecting around 650,000 customers. The hackers obtained financial data for very few customers, the firm said in a statement, while no passwords were obtained for any customers.
On Thursday, Microsoft claimed a cryptic victory over Win32/Dorkbot botnet malware but didn’t divulge much about how, simply saying it has assisted law enforcement to “disrupt” Dorkbot botnets. On December 3, US CERT released a Technical Alert about denting Dorkbot, as a collaboration between the United States Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and Microsoft.
The earliest that Australia will now have a working data-breach notification scheme is set to be sometime in 2017, after the Attorney-General’s Department released its exposure draft of amendments to the Privacy Act to create such a scheme. With consultation open until March next year, the legislative process yet to begin, and any notification scheme set to commence a year after the Bill passes parliament, that would leave Australia without a working data-breach notification scheme until 2017 at the earliest.
A new wave of crypto ransomware is hitting Windows users courtesy of poorly secured websites. Those sites are infected with Angler, the off-the-shelf, hack-by-numbers exploit kit that saves professional criminals the hassle of developing their own attack. The latest round is especially nasty because before encryption, the drive-by attacks first use malware known as Pony to harvest any login credentials stored on the infected computer, according to a blog post published by a firm called Heimdal Security.