Salted Hashed Rehashed: The weekly news recap for July 1, 2016

Radioactive boars is how you end up with Orcs. Thanks Japan.

Calendars and keys

Welcome to the weekly recap of news and other interesting items. This week's installment of Rehashed kicks off the month of July, and will be the start of a long weekend for many of us here in the U.S. Today we’re talking about Brexit, Ransomware, Phishing, botnets, stolen medical records, and more.

Send me your password policies:

Do you develop applications, or manage networks? Have you created or enforce a password policy of some type? I'm trying to learn about the different policies out there for some research I'm doing, and if you're so inclined – I'd like to see what you're using. All submissions are anonymous, and are used to help with my research; they're not something I'd publish. If you feel like sharing, feel free to email them to me, my address can be found by clicking my name above.

10 million patient records put up for sale

Last weekend, someone posted an ad to the Real Deal website, offering 10 million patient records for 750 BTC, or just over $500,000 USD, based on current exchange rates. 9.3 million records are from a health insurance provider in the U.S.


Brexit could cause privacy headaches

Network World's Brandon Butler published a story this week about the impact Brexit could have on data management. To put it plainly, if the U.K. breaks away from the EU, cloud and managed services providers will have to deal with the possibility of working under two sets of privacy laws – one for the U.K., the other for the EU.


Lizards use IoT to power DDoS botnet

Default and hard-coded credentials have led to the compromise of thousands of Internet-of-Things devices. The devices are then used by the group Lizard Squad to power their LizardStresser, a tool that can initiate various types of DDoS attacks, as well as other functions.


Salted Hash Phished, intended victim laughs and goes hacker hunting

Being targeted by a Phishing attack is usually a bad thing, but last weekend a Phishing email targeting the Salted Hash inbox was just comical. It was a poor attempt to leverage a compromised email account (the message came from a PR contact), and the landing page development – created with Dreamweaver – was so busted, you almost felt sorry for the criminal running the scam.

Seriously, the attempt was just pitiful, head over and look at the screenshot form the landing page, it's Friday you deserve a laugh.

Ransomware infections on the rise...

New research from Kaspersky Labs shows that Ransomware is a booming economy, and the number of systems infected by this type of malware is climbing. The of infected systems between 2014 and 2015 was 131,111, but from 2015 to 2016, that figure spikes to 718,536.

...and campaign managers are making a small fortune

Those behind a recent Ransomware campaign are earning at least $60,000 USD each month, based on tracked payments from their victims. Researchers from SentinelOne followed one campaign – likely spreading via spam, and watched the money. The campaign uses a new variant of CryptXXX, and unlike it's previous incarnations – this one isn't so easily decrypted, as the developers fixed the flaws that enabled various free tools to restore files.

Hard Rock hits hard times, suffers second data breach

The Hard Rock Hotel & Casino in Las Vegas disclosed a second data breach recently. Like before, this incident includes payment card data and compromised card processing networks. According to the casino's timeline, the criminals were active between October 27, 2015 and March 21, 2016.

Previously, the criminals had the run of the network between September 3, 2014 and April 2, 2015. So either they were never fully removed from the network, or within five months they found a new way in, or perhaps they just used the same method of compromise from before – as it wasn't patched properly. Either way, the situation is grim for the Vegas hotspot.

Anyone else notice a sudden spike in Spam?

Cisco's Talos group has written a report about the resent uptick in Spam containing malicious attachments. In most cases, the spam messages are carrying variants of the Locky family of Ransomware. The group tracked more than 137,000 email messages in just four days.

That's all for this week. Have a great weekend!

Remember, if you have thoughts on something that should be added to Rehashed, email me and let me know. Such additions can include links to news items, blog posts, code samples, cool scripts, etc.

Copyright © 2016 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)