Information Security News
On Tuesday federal prosecutors unsealed charges against three men, revealing details of a sprawling criminal enterprise that involved hacking some of the US' biggest financial institutions as well as the theft of personal information pertaining to 100 million customers. With that information, the men allegedly made off with hundreds of millions of dollars.
Although the indictment does not name the hacked financial institutions directly, Reuters reports that JP Morgan Chase, ETrade, and News Corp. (which owns The Wall Street Journal) have confirmed that they were party to the crimes described by the indictment.
The newly unsealed charges (PDF) accuse Gery Shalon, a 31-year-old Israeli, of masterminding the hacks that resulted in the loss of personal information pertaining to some 100 million customers of US financial institutions and accuse Joshua Aaron, a 31-year-old American, of acting as a co-conspirator in the hacking operation. Ziv Orenstein, a 40-year-old Israeli, allegedly operated illegal casinos and payment processors with Shalon and controlled shell companies for Shalon. Both Shalon and Orenstein were arrested in July; Aaron remains at large.
ProtonMail, the encrypted e-mail provider that buckled under crippling denial-of-service attacks even after it paid a $6,000 ransom, said it has finally recovered from the massive assaults seven days after they began.
"It has now been one week since the first attack was launched against ProtonMail," officials wrote in a blog post published Tuesday. "Since then, we have been subject to the largest and most extensive cyberattack in Switzerland, with hundreds of other companies also hit as collateral damage. In addition to hitting ProtonMail, the attackers also took down the datacenter housing our servers and attacked several upstream ISPs, causing serious damage."
Tuesday's update still maintains that there were two waves of attacks carried out by two separate groups. The first attack, the post said, was executed by the Armada Collective, a group that performs distributed denial-of-service attacks on selected targets and then demands a ransom of thousands of dollars to get the assaults to stop. As Ars reported last week, ProtonMail was roundly criticized by many security professionals for paying the group $6,000 in bitcoins, only to come under a much more powerful attack in the following days.
Overview of the November 2015 Microsoft patches and their status.
| # | Affected | Contra Indications - KB | Known Exploits | Microsoft rating(**) | ISC rating(*) |
| MS15-112 | Cumulative Security Update for Internet Explorer (Replaces MS15-106) |
| CVE-2015-2427, CVE-2015-6064, CVE-2015-6065, CVE-2015-6066, CVE-2015-6067, CVE-2015-6068, CVE-2015-6069, CVE-2015-6070, CVE-2015-6071, CVE-2015-6072, CVE-2015-6073, CVE-2015-6074, CVE-2015-6075, CVE-2015-6076, CVE-2015-6077, CVE-2015-6078, CVE-2015-6079, CVE-2015-6080, CVE-2015-6081, CVE-2015-6082, CVE-2015-6084, CVE-2015-6085, CVE-2015-6086, CVE-2015-6087, CVE-2015-6088 | Exploitability: 1 and higher |
| MS15-113 | Cumulative Security Update for Microsoft Edge (Replaces MS15-107) |
| Remote Code Execution Vulnerability in OpenType (Replaces MS15-097, MS15-111, MS15-073) |
| Remote Code Execution Vulnerabilities in Microsoft Office (Replaces MS15-046, MS15-110, MS12-066, MS14-048, MS14-020, MS13-035, MS15-081, MS15-022) |
| Office, Office Services and Web Apps, Skype, Lync |
| Elevation of Privilege Vulnerabilities in .NET Framework (Replaces MS14-057, MS11-100, MS14-009) |