A roundup of the top news stories in information security this week, including a massive data breach that Uber disclosed after nearly one year after attempting to conceal it and a new reporting detailing the increasing damage costs tied to ransomware.
CYBER THREAT
North Korean Threat Group Pivots, Evolves Tactics
The North Korean hacking collective that’s believed to be behind Sony breach and the recent attacks on the SWIFT network is changing their tactics. Rather than launch targeted attacks, the Lazarus Group is now casting a wider net. According to security experts at McAfee, the group is now leveraging mobile malware to go after a broader audience.
RANSOMWARE
Damage Tied to Ransomware Predicted to Surpass $11B by 2019
Although the number of ransomware victims willing to pay for ransoms has gone down, the costs associated with ransomware damages has sharply increased, according to one recent study. Cybersecurity Ventures has predicted that the damages tied to the malware will cost the world $5 billion in 2017, and increase to $11.5 billion in 2019.
DATA BREACH
House Committees Diving Deeper Into Equifax Data Breach
Two U.S. House committees are asking for more information tied to the recent Equifax data breach that impacted more than 145 million people this year. The House Science, Space, and Technology and the House Oversight and Government Reform committee’s chairmen each penned a letter sent to Equifax asking for a series of additional information to be delivered by December 6.
PATCHES
HP Releases Patches for Security Vulnerabilities in Enterprise Printers
Firmware patches have been released this week by HP Inc. to address a slew of vulnerabilities in the company’s enterprise printers. The most severe flaw addressed is a remote code execution bug discovered by a security expert with NTT Security. CVE-2017-2750 impacted HP’s popular enterprise printer series including LaserJet and PageWide, in addition to some OfficeJet and ScanJet models.
VULNERABILITY
U.S. CERT Warns of Flaw in Microsoft’s ASLR
A new alert has been issued by the U.S. Computer Emergency Readiness Team regarding a vulnerability found in Microsoft’s implementation of Address Space Layout Randomization. The flaw impacts Windows 8, Windows 8.1, and Windows 10. If leveraged by an attacker, the flaw would allow them to take control of an affected system remotely.
PATCHES
Intel Issues Emergency Patches for Critical Flaws in Management Engine
After researchers discovered vulnerabilities in Intel’s Management Engine, the company issued a critical firmware update. A total of eight flaws were addressed by the company on Monday. If leveraged, an attacker would be able to run unsigned code. As a response to the issues identified, the company “performed an in-depth, comprehensive security review” of its Management Engine and Trusted Executive Engine, according to an advisory.
DATA BREACH
Uber Discloses Data Breach Impacting 57 Million Accounts
Ride-hailing company Uber is in hot water after it disclosed that it paid hackers $100,000 to keep quiet regarding a breach last year that impacted 57 million accounts. The cover-up of the incident resulted in two terminated employees that were in charge of responding to the attack, according to Uber CEO Dara Khosrowshahi. “None of this should have happened, and I will not make excuses for it,” he said in a blog post.
THREAT INTELLIGENCE
Samsung Pay Falling Short of Protecting Mobile Device Information
A security researcher has discovered that Samsun Pay is leaking mobile device information. A Tencent researcher known as HC will be showcasing his findings at Black Hat Europe 2017 next month. The weakness in the app allows for the real of digital tokens that secure transactions and other technical data like traffic logs. “This is not a vulnerability in Samsung Pay, but a mistake in Samsun Pay’s app,” HC said.
REGULATIONS
Uber’s Recent Hack Would Face Stiff Consequences By Violating GDPR
Although the Global Data Protection Rules take affect in May, had they been implemented now Uber would be in serious trouble. The new rules require that any breach is communicated to the regulator within 72 hours of being aware of the hack. In Uber’s recent case, the company revealed this week that it experienced a data breach which impacted 57 million customers and drivers - nearly one year after the incident took place.
