Security Alerts & News
by Tymoteusz A. Góral

History
#2146 Winnti abuses GitHub for C&C communications
Developers constantly need to modify and rework their source codes when releasing new versions of applications or coding projects they create and maintain. This is what makes GitHub—an online repository hosting service that provides version control management—popular. In many ways, it’s like a social networking site for programmers and developers, one that provides a valuable platform for code management, sharing, collaboration, and integration.

GitHub is no stranger to misuse, however. Open-source ransomware projects EDA2 and Hidden Tear—supposedly created for educational purposes—were hosted on GitHub, and have since spawned various offshoots that have been found targeting enterprises. Tools that exploited vulnerabilities in Internet of Things (IoT) devices were also made available on GitHub. Even the Limitless Keylogger, which was used in targeted attacks, was linked to a GitHub project.
Read more
#2149 Soundwaves used to produce fake data from accelerometers
#2148 A new trend in Android adware: abusing Android plugin frameworks
#2147 LastPass bugs allow malicious websites to steal passwords
#2146 Winnti abuses GitHub for C&C communications
#2145 Lithuanian con artist scams two US tech giants out of $100 million
#2144 Chinese crooks use fake cellular telephony towers to spread Android malware
#2143 Hackers: We will remotely wipe iPhones unless Apple pays ransom
#2142 DoubleAgent: 0day code injection and persistence technique
#2141 Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs
#2140 New LLTP ransomware appears to be a rewritten venus locker
#2139 Swearing trojan continues to rage, even after authors’ arrest
#2138 Bitcoin scams: Beware of crooks trying to steal your cryptocurrency with these schemes
#2137 Word document spreads macro malware targeting both Windows and macOS
#2136 New WikiLeaks dump: The CIA built Thunderbolt exploit, implants to target Macs
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12