This Week in Security News: The First Patch Tuesday Update of 2020 and Pwn2Own Vancouver Announced
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a major crypto-spoofing bug impacting Windows 10 that has been fixed as part of Microsoft’s January Patch Tuesday update. Also, read about the launch of Pwn2Own Vancouver, where it will pay to hack a Tesla Model 3.
Read on:
Can You Hack a Tesla Model 3? $500,000 Says That You Can’t
Trend Micro’s Zero Day Initiative (ZDI) has officially announced that its Pwn2Own Vancouver competition will be hosted at CanSecWest March 18-20. This time, the stakes have been upped in the automotive category: the hacker who can evade the multiple layers of security found in a Tesla Model 3 to pull off a complete vehicle compromise will win a $500,000 prize and a new Tesla Model 3.
Texas School District Loses $2.3 Million to Phishing Scam, BEC
Manor Independent School District (MISD) in Texas is investigating an email phishing attack after a series of seemingly normal school-vendor transactions resulted in the loss of an estimated $2.3 million. According to the statement posted on Twitter, the district is cooperating with the Manor Police Department and the Federal Bureau of Investigation (FBI).
Equifax Settles Class-Action Breach Lawsuit for $380.5M
A Georgia court granted final approval for an Equifax settlement in a class-action lawsuit, after the credit-reporting agency was hit by its massive 2017 data breach. This week, the Atlanta federal judge reportedly ruled that Equifax will pay $380.5 million to settle lawsuits regarding the breach.
Sodinokibi Ransomware Increases Year-End Activity, Targets Airport and Other Businesses
The Sodinokibi ransomware, detected as Ransom.Win32.SODINOKIBI,was involved in several high-profile attacks in 2019. The ransomware ended the year by launching a new round of attacks aimed at multiple organizations, including the Albany International Airport and the foreign exchange company Travelex.
ICS Security in the Spotlight Due to Tensions with Iran
Given the heightened tensions between the U.S. and Iran, organizations with connected industrial infrastructure should be on guard. In the wake of the assassination, several cybersecurity experts and U.S. government officials have warned of the ICS security risk that Iran-affiliated adversaries pose. Others point to the likelihood of smaller cyberattacks designed to distract rather than prompt retaliation.
Dymalloy, Electrum, and Xenotime Hacking Groups Set Their Targets on US Energy Sector
At least three hacking groups have been identified aiming to interfere with power grids across the United States. The oil, gas, water and energy industries have proved to become a valuable target for threat actors looking to compromise ICS environments, and according to a report on the state of industrial control systems (ICSs), attempts in attacking the utilities industry are on the rise.
Microsoft Patches Major Crypto Spoofing Bug
A major crypto-spoofing bug impacting Windows 10 users has been fixed as part of Microsoft’s January Patch Tuesday security bulletin. The vulnerability could allow an attacker to spoof a code-signing certificate, vital to validating executable programs in Windows, and make it appear as if an application was from a trusted source.
Mobile Banking Trojan FakeToken Resurfaces, Sends Offensive Messages Overseas from Victims’ Accounts
Researchers recently discovered an updated version of the mobile banking trojan FakeToken after detecting 5,000 smartphones sending offensive text messages overseas. Once the malware infects an unprotected Android device, FakeToken is able to send and intercept text messages such as 2FA codes or tokens, as well as scan through the victim’s contacts to possibly send phishing messages.
Report: Chinese Hacking Group APT40 Hides Behind Network of Front Companies
An online group of cybersecurity analysts calling themselves “Intrusion Truth” doxed their fourth Chinese state-sponsored hacking operation. After previously exposing details about Beijing’s hand in APT3 (believed to operate out of the Guangdong province), APT10 (Tianjin province), and APT17 (Jinan province), Intrusion Truth has now begun publishing details about China’s cyber apparatus in the state of Hainan, an island in the South China Sea.
What are your thoughts on the major crypto-spoofing bug that was found by the NSA? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
Read More HERE