Security Alerts & News
by Tymoteusz A. Góral

History
#627 MULTIGRAIN – POS attackers make an unhealthy addition to the pantry
FireEye recently discovered a new variant of a point of sale (POS) malware family known as NewPosThings. This variant, which we call “MULTIGRAIN”, consists largely of a subset of slightly modified code from NewPosThings. The variant is highly targeted, digitally signed, and exfiltrates stolen payment card data over DNS. The addition of DNS-based exfiltration is new for this malware family; however, other POS malware families such as BernhardPOS and FrameworkPOS have used this technique in the past.

Using DNS for data exfiltration provides several advantages to the attacker. Sensitive environments that process card data will often monitor, restrict, or entirely block the HTTP or FTP traffic often used for exfiltration in other environments. While these common internet protocols may be disabled within a restrictive card processing environment, DNS is still necessary to resolve hostnames within the corporate environment and is unlikely to be blocked.
Read more
#632 Can Switzerland become a safe haven for the world's data?
#631 Oracle fixes 136 vulnerabilities with April critical patch update
#630 Latest TeslaCrypt targets new file extensions, invests heavily in evasion
#629 DRAM bitflipping exploits that hijack computers just got easier
#628 RansomWhere?: Generic ransomware detection comes to Apple OS X
#627 MULTIGRAIN – POS attackers make an unhealthy addition to the pantry
#626 New crypto-ransomware JIGSAW plays nasty games
#625 CryptXXX: new ransomware from the actors behind reveton, dropping via Angler
#624 Python-based PWOBot targets European organizations
#623 Netflix: VPN blockade backlash doesn’t hurt us
#622 FBI tells congress it needs hackers to keep up with tech company encryption
#621 Security firm SurfWatch Labs discovers secret plan to hack numerous websites and forums
#620 Google is partially dangerous - according to Google
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12