Security Alerts & News
by Tymoteusz A. Góral

History
#1523 Mamba ransomware strikes at your whole disk, not just your files
Mamba takes the approach of ransoming your whole disk one step further: it scrambles every disk sector, including the MFT, the operating system, your apps, any shared files and all your personal data, too.

Ironically, Mamba does all of this with very little programming effort: the malware simply installs and activates a pirated copy of the open source software DiskCryptor.
#1522 Google tackles XSS scripting flaws with new developer tools
Google has released two new tools for developers looking to protect web domains against XSS scripting security flaws.

Cross-site scripting (XSS) is a common security issue web developers face today. The attack, which relies on vulnerabilities which allow the injection of malicious codes into trusted websites and applications, can lead to malvertising campaigns, watering hole attacks, and drive-by attacks which do not need victims, visiting a trusted site, to do anything more than open a page.

Content Security Policy (CSP) is often the answer for web developers to stay clear of such attacks. CSP, support by all major browsers, can be used to restrict programming input and scripts and prevent them executing, even if attackers are able to inject malicious code into vulnerable web pages.
#1521 Record-breaking DDoS reportedly delivered by >145k hacked cameras
Last week, security news site KrebsOnSecurity went dark for more than 24 hours following what was believed to be a record 620 gigabit-per-second denial of service attack brought on by an ensemble of routers, security cameras, or other so-called Internet of Things devices. Now, there's word of a similar attack on a French Web host that peaked at a staggering 1.1 terabits per second, more than 60 percent bigger.

The attacks were first reported on September 19 by Octave Klaba, the founder and CTO of OVH. The first one reached 1.1 Tbps while a follow-on was 901 Gbps. Then, last Friday, he reported more attacks that were in the same almost incomprehensible range. He said the distributed denial-of-service (DDoS) attacks were delivered through a collection of hacked Internet-connected cameras and digital video recorders. With each one having the ability to bombard targets with 1 Mbps to 30 Mbps, he estimated the botnet had a capacity of 1.5 Tbps.

On Monday, Klaba reported that more than 6,800 new cameras had joined the botnet and said further that over the previous 48 hours the hosting service was subjected to dozens of attacks, some ranging from 100 Gbps to 800 Gbps. On Wednesday, he said more than 15,000 new devices had participated in attacks over the past 48 hours.
#1520 Europol warns of Android tap-and-go thefts
Law authorities have warned they believe criminals are using Android phones to trigger fraudulent tap-and-go payments.

The alert comes in Europol's annual Internet Organised Crime Threat Assessment report.

Experts had previously said that the rollout of smart wallet systems could raise such a threat.

However, the police are unsure exactly how the attacks are being carried out and how common they are.

"The possibility of compromising NFC [near field communication] transactions was explored by academia years ago, and it appears that fraudsters have finally made progress in the area," the report says.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12