(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Softpedia News

Vawtrack Banking Trojan Is Alive and Well, v2 Recently Discovered
Softpedia News
Furthermore, Vawtrack v2 has been hardened against reverse engineering operations typically carried out by infosec researchers. SohposLabs says v2 broke a lot of security tools used to analyze malware. The usage of increased levels of obfuscation and ...



Cyber 'bombs,' digital D-Days and other nonsense
The quote was reported with a straight face by more than a few outlets in news items declaring that the "San Bernardino shooter could have introduced 'dormant cyber pathogen.'" Shortly after making the remark, San Bernardino DA Michael Ramos admitted ...


The apparently fraudulent Twitter account associated with a scam site trying to turn the Orlando mass shooting into a Bitcoin factory.

The vultures have already begun to descend on the tragedy in Orlando, Florida. A fake Twitter account claiming to represent the nightclub where the largest mass shooting in modern US history took place in the early hours of June 12 was calling for donations to assist victims—by sending bitcoins to buy bottled water and Oreo cookies. The account was suspended on Monday afternoon.

The scammers used a common tactic—they hijacked the name of the Pulse nightclub, attached the account to the various "hashtags" associated with the shooting, and built the account's apparent profile by attaching an army of fake followers so they could draw the attention of people following conversations about the shooting. The Twitter account directed followers to a shortened Web address to make donations. That Web address linked to the six-month-old domain desifreemovies.net—a domain with a fake registration address in California and a contact e-mail account associated with the Hushmail anonymous e-mail service.

A screenshot of the highly sophisticated scam site linked to by the Twitter account.

The site itself was a fairly transparent scam—a grammatically incorrect plain HTML page with fake Amazon Prime links and a note that if the links "don't work in your area" to instead send Bitcoin to a specific anonymous address. Based on data from Blockonomics, the wallet pulled in 0.04293381 bitcoins (about $30 US)—so it wasn't exactly successful in cashing in on the tragedy. The site was shut down after Ars contacted the hosting company.

Read on Ars Technica | Comments


CISO challenges: Identifying and addressing common problems
"Why are some companies not in the news? It's because they have a quality and mature security team ... Sometimes, it's the simple stuff infosec teams are missing or messing up, according to experts. "Passwords, patching, detection and response time are ...

ESA-2016-047: RSA Archer® GRC Platform Sensitive Information Disclosure Vulnerability
CM Ad Changer 1.7.7 Wordpress Plugin - Cross Site Scripting Web Vulnerability
FlashFXP v5.3.0 (Windows) - Memory Corruption Vulnerability

Out of the Blue and into the Black?
Lawfare (blog)
Indeed, since the time that President Ronald Reagan asked for an assessment of U.S. information security after watching the popular Matthew Broderick movie “War Games,” one blue ribbon panel after another has been warning about our vulnerability to ...


Top 10 most read: IoT insecurity woes, Azure updates and Brexit issues
There were some interesting comments from the Infosec security conference, chiefly from security chiefs at Sky and Canon, who said that they will abide by the new GDPR data protection laws whatever the outcome of the EU vote. Finally, the BBC announced ...

OpenWRT: swconfig infrastructure fails to check permissions
Internet Storm Center Infocon Status