Breach, Threat Intelligence, Data Security, Incident Response, Malware, TDR, Vulnerability Management

News briefs: The latest on Sony, Android, Backoff malware and more.

» Sony agreed to a $15 million preliminary settlement in hopes of quashing even heftier costs associated with the massive hack three years ago of its PlayStation Network (PSN). The electronics giant was forced to contend with class-action lawsuits stemming from an April 2011 incident, where hackers compromised the company's PSN, its on-demand service Qriocity and gaming portal Sony Online Entertainment, exposing the personal data of roughly 77 million users. In the settlement, which was still subject to the court's final approval as of August, Sony agreed to shell out up to $10 million in claims by way of providing free offerings, like games and services, to impacted users. In addition, up to $1 million was set aside for identity theft reimbursements as a result of the breach.

» Researchers found that nearly 600 large and small businesses throughout the United States had been struck by new point-of-sale (POS) malware called “Backoff.” Attackers, who primarily targeted food and beverage retailers, brute-forced popular remote desktop software to infect POS devices with the threat, the United States Computer Emergency Readiness Team (US-CERT) announced. The group identified the threat in collaboration with Trustwave, as well as the National Cybersecurity and Communications Integration Center (NCCIC), United States Secret Service (USSS), and Financial Sector Information Sharing and Analysis Center (FS-ISAC). Some of the targeted systems included Microsoft Remote Desktop, Apple Remote Desktop, Chrome Remote Desktop, Splashtop, Pulseway, and LogMeIn's, according to the advisory.

» All mobile devices running Android versions 2.1 to 4.3 contain a vulnerability – dubbed “Fake ID” – that enables the identity of trusted applications to be copied, consequently opening the door to a host of malicious activity, including device takeover. Discovered by Bluebox Security, the vulnerability ultimately “undermines the validity of the [Android] signature system and breaks the PKI fundamental operation,” Bluebox CTO Jeff Forristal revealed, in advance of his Black Hat 2014 talk on the subject. Taking advantage of the vulnerability enables all sorts of attacks, including stealing data from apps and affecting wireless near-field communication (NFC) payments. To exploit the flaw, a saboteur could begin by creating a malware-laced application this is advertised as a popular game or some other enticing download to users, like a security update.

» A Chinese man, who operated an aviation tech firm with Canadian operations, was charged with hacking a number of U.S. companies for military data, including defense contractors Boeing and Lockheed Martin. According to reports, Stephen Su – who was taken into custody by Canadian police on June 28 – and two unnamed citizens of China allegedly conspired to hack the firms between 2009 and 2013. Data of interest to the three individuals included “information related to Boeing's military projects, including the C-17 aircraft…an advanced strategic transport aircraft,” court documents said. Other data allegedly sought by the hackers were files on Lockheed's F-22 and F-35 fighter jets.

» RSA released a report which revealed that over a two-year period a fraud ring may have compromised nearly 500,000 Boletos transactions, estimated to be worth up to $3.75 billion. Boletos, a popular payment method in Brazil, was long known to be targeted by frausters, but in July, RSA unveiled a first-of-its-kind report on the extent of the attacks, including the number of compromised computers (192,227) and email credentials (83,000) stolen by the Boletos malware, dubbed “bolware,” which targets Windows PCs running Chrome, Firefox and Internet Explorer browsers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.