Salted Hashed Rehashed: The weekly news recap for June 3, 2016

After a week away, it’s time for your weekly recap of news and other items of note. As mentioned, I was on vacation for the last several days – was feeling some burnout to be honest – and disconnecting worked like a charm.

However, as is usually the case, I walk away from the computer for just a brief moment and things start to melt. With that said, let’s look at some of the interesting news items that happened over the last week or so.

More than 600 million social media accounts exposed

In May 177 million LinkedIn accounts – or what wasn’t already leaked when they were originally compromised in 2012 – hit the Web. Two weeks after that, MySpace, Tumblr, and Fling all had similar problems as hundreds of millions of compromised accounts surfaced online.

To make things worse, 172 million Badoo.com accounts were added to this running data breach collection yesterday – so in less than a month more than 700 million accounts have been exposed. Are the breaches aged? Likely so, but password reuse is a serious issue, meaning it doesn’t matter if the accounts were compromised last year or last week. Not to mention, leaked credentials can be leveraged in a number of ways when targeting an individual.

FBI issues public extortion notice

The FBI recently issued a warning to the public about an uptick in extortion emails. According to the notice on the IC3 website, the agency has received several reports from users about demands for money under the threat of having their recently compromised exposed publicly.

Researchers discover SCADA malware

FireEye researchers have discovered malware (IRONGATE), which was designed to manipulate SCADA systems in order to hide real readings from industrial processes. It’s said to be similar to Stuxnet, only the samples found by FireEye are likely PoCs or proof-of-concept builds.

Robert Lee, on the SANS ICS Security blog, offered some additional commentary once the story started to circulate in the news.

Ransomware payoffs can top $90,000 annually

Flashpoint released a report this week on a Ransomware campaign they’ve been following since December. One of their findings is that campaign managers, with about 10 distributors working for them, stand to earn about $90,000 annually. The report is a decent read, but it’s lacking context when it comes to the Ransomware itself.

Speaking of Ransomware, a report from CSO’s Maria Korolov this week says that 93% of all Phishing emails are pushing the file encrypting threat, jumping from 53% last December.

TeamViewer denies they were hacked, but users keep reporting incidents

Earlier this week, TeamViewer customers flooded Reddit with reports of unauthorized access, leading most of them to suspect that the remote connection vendor has been hacked. TeamViewer issued a denial, and said the issues are likely due to careless use.

Reuters scores big with FOIA request from the Federal Reserve

Earlier this week, Reuters reported that the Federal Reserve has detected more than 50 breaches between 2011 and 2015, with several incidents being tagged internally as espionage.

Lenovo says pre-installed support tool leaves customers vulnerable

According to Lenovo, the pre-installed Accelerator Application contains a high-risk vulnerability that allows remote code execution. Customers are being urged to uninstall it.

In related news, a report from Duo Security shows that pre-loaded software on commercial PCs are a security nightmare waiting to happen. Researchers tested systems from Acer, ASUSTeK Computer, Lenovo, Dell and HP – and all of them had at least one serious vulnerability in their delivered state.

Some interesting items of note:

• Ivan Ristić has created a SSL/TLS and PKI timeline that’s quite extensive.
• Hunchly creator Justin Seitz has written about a serious issue with how Facebook deals with ads, one that could lead to serious problems if abused. (Think Phishing)

That’s all for this week. Have a great weekend!

Remember, if you have thoughts on something that should be added to Rehashed, email me and let me know. Such additions can include links to news items, blog posts, code samples, cool scripts, etc.

For those who want a suggestion, email me a link to your favorite security video or recorded talk, with a brief note as to why you like it. If it’s listed, let me know if you want named credit for the suggestion or if you prefer to remain anonymous.