Security Alerts & News
by Tymoteusz A. Góral

#585 Microsoft Security Bulletin Summary for April 2016
This month the vendor is releasing 13 bulletins, six of which are rated Critical.
#584 BAE Systems warns about shape-shifting strain of Qbot malware
The incident response team at BAE Systems is warning of a strain of the virulent Qbot malware that has hit thousands of public sector computers around the world.

The malware – also known as the Qakbot botnet – first appeared in 2009 and was uploading 2GB of stolen confidential information to its FTP servers each week by April 2010 from private and public sector computers, including 1,100 on the NHS network in the UK.
#583 ZeuS banking trojan resurfaces as Atmos variant
Old nemeses die hard, especially when you’re banking malware named ZeuS. According to Denmark-based Heimdal Security, the potent 9-year-old malware ZeuS has morphed into the up-and-coming Atmos malware – now targeting banks in France. Researchers are warning that the criminals behind Atmos have been putting the finishing touches on this latest malware threat – perfecting how, where and what it will target. For now, Heimdal Security said, it’s focused on banks, but tomorrow the sky is the limit.
#582 New Adobe Flash Player exploit used by Magnitude and Nuclear exploit kits
Last week, Adobe released an emergency patch to address a critical zero-day vulnerability (CVE-2016-1019) in Flash Player. The type confusion vulnerability is currently being actively exploited in the wild. Symantec has observed that exploit kits (EKs), including but not limited to Magnitude and Nuclear, have already started exploiting the vulnerability.
#581 New threat can auto-brick Apple devices
On Feb. 11, 2016, researcher Zach Straley posted a YouTube video exposing his startling and bizarrely simple discovery: Manually setting the date of your iPhone or iPad all the way back to January 1, 1970 will permanently brick the device (don’t try this at home, or against frenemies!). Not long after Straley’s video began pulling in millions of views, security researchers Patrick Kelley and Matt Harrigan wondered: Could they automate the exploitation of this oddly severe and destructive date bug? The researchers discovered that indeed they could, armed with only $120 of electronics (not counting the cost of the bricked iDevices), a basic understanding of networking, and a familiarity with the way Apple devices connect to wireless networks.
#580 Real Future: What happens when you dare expert hackers to hack you
Last year, after reporting on the hacks of Sony Pictures, JPMorgan Chase, Ashley Madison, and other major companies, REAL FUTURE's Kevin Roose got curious about what it felt like to be on the victim’s side of a giant data breach.
#579 Meet the Cryptoworm, the future of ransomware
Ransomware is evolving and soon will share the same deadly efficiencies as notorious worms of the past, such as Conficker and SQL Slammer. In fact, according to security researchers at Cisco Talos, today’s newest ransomware, SamSam, is a harbinger of a new wave of more malicious, tenacious and costly ransomware to come. “Ransomware authors are always looking for bigger payouts and to further their reach,” said Joe Marshall, security research manager with Cisco Talos. “We believe ransomware authors are going to look to past successful campaigns when they look to cast a wider net in the future.”
#578 Microsoft's 'blue screen of death' is getting more descriptive with QR codes
The Windows Blue Screen of Death isn't known for being particularly descriptive, but Microsoft may be looking to change that in a future version of Windows 10.

A Reddit user posted a picture last week that shows a new version of the dreaded blue screen, one with a QR code and a link where users can get more information about the error that caused their computer to crash.
#577 Mobile devices used to execute DNS malware against home routers
Attacks against home routers have been going around for years—from malware that rigs routers to DNS rebinding attacks and backdoors, among others. Just last year one of our researchers reported a Domain Name System (DNS) changer malware that redirected users to malicious pages when they visited specific websites. This enabled cyber crooks to get hold of the victims’ online credentials, such as passwords and PINs.