Security Alerts & News
by Tymoteusz A. Góral

#1036 Hard Rock Las Vegas, Noodles and Co. confirm hacks
If you’re one of the millions who rocked out at Hard Rock Hotel and Casino Las Vegas or slurped noodles at a Noodles & Company fast food chain in the past year, it’s time to get paranoid. Both companies announced this week separate breaches that include unauthorized access to credit card data.

The Hard Rock Hotel and Casino Las Vegas began notifying guests and patrons of “certain restaurant and retail outlets” located at its Las Vegas casino that hackers breached payments systems extracting credit card data. Credit card data exposed included cardholder name, card number, expiration date, and internal verification code.

“After receiving reports of fraudulent activity associated with payment cards used at the Hard Rock Hotel and Casino Las Vegas, the resort began an investigation of its payment card network and engaged a leading cyber-security firm to assist,” the company said in a statement.

#1035 The latest Android overlay malware spreading via SMS phishing in Europe
In April 2016, while investigating a Smishing campaign dubbed RuMMS that involved the targeting of Android users in Russia, we also noticed three similar Smishing campaigns reportedly spreading in Denmark (February 2016), in Italy (February 2016), and in both Denmark and Italy (April 2016).

Unlike the RuMMS campaign, these three campaigns in Europe used view overlay techniques (the same technique we described being used by SlemBunk malware) to present nearly identical credential input UIs as seen in benign apps, subsequently tricking unwary users into providing their banking credentials.

#1034 Google Project Zero: A year of Windows kernel font fuzzing #1: the results
This post series is about how we used at-scale fuzzing to discover and report a total of 16 vulnerabilities in the handling of TrueType and OpenType fonts in the Windows kernel during the last year. In part #1 here, we present a general overview of the font security area, followed by a high-level explanation of the fuzzing effort we have undertaken, including the overall results and case studies of two bug collisions. In the upcoming part #2, we will share the specific technical details of the project, and how we tried to optimize each part of the process to the maximum extent, and go beyond the current state of the art in Windows kernel font fuzzing.

#1033 High-severity bugs in 25 Symantec/Norton products imperil millions
Much of the product line from security firm Symantec contains a raft of vulnerabilities that expose millions of consumers, small businesses, and large organizations to self-replicating attacks that take complete control of their computers, a researcher warned Tuesday.

"These vulnerabilities are as bad as it gets," Tavis Ormandy, a researcher with Google's Project Zero, wrote in a blog post. "They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption."

The post was published shortly after Symantec issued its own advisory, which listed 17 Symantec enterprise products and eight Norton consumer and small business products being affected. Ormandy warned that the vulnerability is unusually easy to exploit, allowing the exploits to spread virally from machine to machine over a targeted network, or potentially over the Internet at large.