Security News for the Week Ending April 17, 2020
Covid-19 Driven Online Shopping Encouraging More Skimming Attacks
Since crooks go where the money is, and since we are all doing a lot of online shopping during the shelter-in-place directives, the crooks put two and two together to come up with an attack strategy.
Malwarebytes says that it saw a 26% increase in skimming attacks between February and March. Also, apparently, Monday is the least safe day to shop. Credit: SC Magazine
Ransomware Attacker Stops Accepting Bitcoin Due to Traceability
The operators of the Sodinokibi ransomware want to stop accepting Bitcoin because the cops have figured out how to trace Bitcoin transfers. While some people have said for a long time that Bitcoin is not traceable, the opposite is actually true. The Monero cryptocurrency combined with Tor has features designed to thwart that sort of tracking. Credit: Bleeping Computer
Friendly Hackers Find 460 Bugs in “Hack the Air Force 4.0”
The hack, run by the U.K. Ministry of Defence, allowed good guy hackers to attack a particular but unidentified Air Force “platform”. The hackers found over 450 security flaws in this one platform. Remember that the military runs thousands of systems, and not all bugs allow a hacker to initiate a total meltdown. Still, if this is a representative sample, it indicates that with a modest amount of effort (this entire hackathon lasted less than a month), you might be able to identify hundreds of thousands of security flaws in systems where the system buyer understands that these systems need to be secure. What, then, could hackers find in normal commercial and home-grown systems, where price, time to market and features are way more important than security? Credit: Fifth Domain
Small Business is Big Target for Ransomware
According to a new survey of senior execs, 46% of all small businesses have been the target of ransomware attacks. Of those that have been hit, 73% say that they paid the ransom. 43% paid between $10k and $50k; 13% paid more than $100k. Of those who paid, 15% did not get all of their data back. Not great statistics. Credit: Dark Reading