Security Alerts & News
by Tymoteusz A. Góral

History
#2046 Shamoon (malware): Multi-staged destructive attacks limited to specific targets
Recent attacks involving the destructive malware Shamoon (W32.Disttrack.B) were launched by attackers conducting a much wider campaign in the Middle East. While the attackers have compromised multiple targets in the region, only selected targets in Saudi Arabia were infected with Shamoon.

On February 15, publications from IBM (The Full Shamoon) and Palo Alto (Magic Hound) separately discussed a persistent attack campaign operating primarily in the Middle East with links to Shamoon. This campaign was conducted by a group we identify as Timberworm. The group appears to have facilitated the third wave of destructive attacks involving Shamoon in January 2017. Timberworm operates in the Middle East and beyond. Only specific organizations affiliated with Saudi Arabia appear to have been earmarked for destructive wiping attacks.
Read more
#2049 New RaaS portal preparing to spread Unlock26 ransomware
#2048 Creepy IoT teddy bear leaks >2 million parents’ and kids’ voice messages
#2047 Google open-sources Chrome extension to make PGP encryption easier in Gmail
#2046 Shamoon (malware): Multi-staged destructive attacks limited to specific targets
#2045 More on bluetooth ingenico overlay skimmers
#2044 Google reports “high-severity” bug in Edge/IE, no patch available
#2043 Severe SQL injection flaw discovered in WordPress plugin (NextGEN Gallery) with over 1M installs
#2042 Siemens RUGGEDCOM NMS equipment vulnerable to CSRF, XSS
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12