Salted Hash Rehashed: The weekly news recap for July 15, 2016

Welcome to your weekly recap of news and other interesting items. This week’s Rehashed includes a video, some great examples of counterfeiting, the Olympics, problems at the FDIC, and more.

So, let’s start by talking about Ransomware. This topic has existed in the Rehashed column more than any other, but for good reason – it isn’t going anywhere and it’s a serious threat to business. It’s mainstream too, having made a solid appearance in season two’s opening episode of Mr. Robot on USA Network. I talk about it in the Salted Hash video below.

Ransomware goes offline:

On Thursday, Lucian Constantin wrote a story about the latest variant of Locky, a nasty bit of Ransomware that’s been around for some time now, which can operate offline. Great. That’s just @@@@@@@ great. It’s bad enough administrators have to deal with Ransomware that requires an outside connection, now they get to deal with variants that can operate even if you clip the cord.

Scammers cash-in on Summer Games:

Maria Korolov reported that scammers are offering fake tickets to the Olympics, and if that wasn’t bad enough, malicious Olympic-related apps are being pushed to the public too. It’s a real game of cat and mouse, because as soon as one scammer’s domain falls or an app gets removed, others quickly take its place.

Chinese hackers blamed for three different data breaches at FDIC:

Hackers in China, allegedly with the backing of the government, have hit the FDIC on at least three different occasions. The FDIC knew about the incidents, but failed to report them properly. Breaches occurred in 2010, 2011, and 2013.

Counterfeiting ring has the goods:

Dr. Krypt3ia has discovered a counterfeiting group on the Darknet, and unlike some of the other fly-by-night operations, this one is about as professional as it can get. That isn’t an advertisement, but more of a statement of complete awe, because most counterfeiting operations that operate on that part of the internet are complete garbage.

“That’s right kids, this can pass the UV light test, it has the fiber/metal strip, it has the holographs, and has the look of a real bill. In fact I have at least one alleged user who has passed the hundo’s at a local establishment without issue,” Kryp3ia wrote, discussing the quality of the fake bills.

Other items of note:

Due Diligence:

Security posture is still important when it comes to M&As, a recent report from West Monroe Partners says. Forty percent of the acquirers that took part in the study claimed to have discovered security problems at an acquisition after a deal went through, indicating low standards when it came to diligence.

Ransom without the ware:

Apple customers are reporting locked devices that are being held for ransom. However, the cause isn’t software-based; it’s recycled credentials.

Penton Technology suffered a massive data breach, keeps silent:

Three websites owned by Penton Technology, acquired in 2015 as part of the purchase of iNET Interactive – MacForums.com, HotScripts.com, and WebHostingTalk.com – have been compromised and their databases are now being sold on the Darknet. The company never responded to questions, or issued any statements. At this point, I’m not sure if they’ve noticed yet.

Seeking Alpha app vulnerable, discloses usernames and passwords:

Rapid7 released some research this week concerning the Seeking Alpha mobile application. The investment portfolio tool leaks personal details including usernames and passwords.

Salted Hash: The Movie!

Salted Hash has launched a YouTube channel, and if you’d like to help me out with it, I’ll need two things. First, subscribe, that’s how the powers that be know people are watching me. Second, send me suggestions on things to rant about.

The first video (filmed last Sunday) is below. If you haven’t seen the first episode of season two of Mr. Robot, you might want to skip it. It has spoilers in it.

That’s all for this week!

Remember, if you have thoughts on something that should be added to Rehashed, email me and let me know. Such additions can include links to news items, blog posts, code samples, cool scripts, etc.