The cyber world is bubbling with activity, and we’re all wondering if Saturday’s outages were a continuation of Friday’s global attack. Nothing seen in the media, but you can be sure the cyber cops know what’s going on! Anyway lots of other news too, so the Cyber InfoManager is over worked this week with these entries :
- A massive cyberattack blocked your favorite websites; FBI and Homeland Security investigating
- Cyber attack: hackers ‘weaponised’ everyday devices with malware to mount assault
- Microsoft warns of fake Security Essentials installer malware scam – WinBeta
- Smooth move: Clinton’s lawyer may have exposed entire email server to China
- DDoS explained: How attackers broke Twitter, Spotify and PayPal
- Got an email saying Trump’s quitting the race? It’s a scam
- SilverInstaller Uses New Techniques to Install PUA/PUP
- Editorial: WikiLeaks sounds alarm about cybersecurity
- Sneak peek at a new cybersecurity policy tome
ALERT Be very careful what you click! Many of the sites listed below employ stalker links! LOOK FOR the Firefox ‘READER’ icon in the address window to read the articles without the risks! (More here)
A massive cyberattack blocked your favorite websites; FBI and Homeland Security are investigating
The Department of Homeland Security and the FBI are investigating a massive cyberattack that stopped or slowed access to Twitter, Spotify, Amazon and other sites Friday by targeting a firm responsible for routing Internet traffic their way.
Users reported outages and slowdowns at sites including PayPal, Github, Netflix, the New York Times, the Boston Globe and Vox Media, among others.
Los Angeles Times
Cyber attack: hackers ‘weaponised’ everyday devices with malware to mount assault
The huge attack on global internet access, which blocked some of the world’s most popular websites, is believed to have been unleashed by hackers using common devices like webcams and digital recorders.
Among the sites targeted on Friday were Twitter, Paypal and Spotify. All were customers of Dyn, an infrastructure company in New Hampshire in the US that acts as a switchboard for internet traffic.
Elle Hunt — theguardian.com
DDoS explained: How attackers broke Twitter, Spotify and PayPal
Early Friday morning, businesses and internet users everywhere found themselves temporarily paralyzed as hackers laid siege to a number of high-profile web servers.
To accomplish their disruptive goals, the shady offensive appeared to rely on a distributed denial-of-service attack — or DDoS.
Jessa Schroeder — www.nydailynews.com
SilverInstaller Uses New Techniques to Install PUA/PUP
Thanks to Del Missier for sending this on in:
malware researchers at Intego have discovered a new fake Adobe Flash Player installer, which Intego has labeled “SilverInstaller.”
These types of installers are nothing new these days and usually result in the same or similar adware to infect a system. Some examples are Flashback, ClickAgent, InstallMiez and InstallCore. This behavior was expected of SilverInstaller as well, but during analysis Intego observed that it behaved differently than those fake Flash Player installers we have seen in the past.
Jay Vrijenhoek – Malware + Security News
Microsoft warns of fake Security Essentials installer malware scam – WinBeta
Security is a huge (and growing) issue in the ever-more connected world in which we live. Malware has plagued computers for years, despite many tools being available that work to prevent it.
Microsoft has released a post on its TechNet blog which warns of one particular piece of malware that imitates Microsoft Security Essentials. Known as Hicurdismos, it acts as a Security Essentials installer, when in truth, it is just malware. Once installed, it will throw a fake Blue Screen of Death (BSOD) error message.
Jack Wilkinson Email @Tehjackuh
Smooth move: Clinton’s lawyer may have exposed entire email server to China
Using a brand of laptop that’s been banned by the federal government since 2006 because of the creator’s ties to the Chinese government, one of Hillary Clinton’s lawyers perused through the former secretary of state’s private email server.
That decision, according to House Judiciary Committee chairman Bob Goodlatte (R-Va.), may have given hackers the opportunity to access sensitive information on the server the Democratic presidential nominee used during her time at the State Department.
Sneak peek at a new cybersecurity policy tome
A NEW RED SCARE? — Hillary Clinton’s presidential campaign on Thursday suggested that Donald Trump might have known in advance about the hacking of Clinton campaign chairman John Podesta’s email account.
“In light of his associate’s admitted ‘back-channeling’ with [Julian] Assange, and Trump’s own undisclosed business ties with Russia, it’s time for Trump to tell the American people what he knew about these hacks and when he knew it,” Clinton senior policy adviser Jake Sullivan said after news broke that the Podesta hack was part of a broader Russian spearphishing campaign.
Yascha MounkWith help from Eric Geller, Martin Matishak, Tony Romm and Li Zhou
Got an email saying Trump’s quitting the race? It’s a scam
There’s another reason why Americans might be feeling stressed out about the presidential election: computer security experts are noting a rise in phishing attacks tied to the big vote on Nov. 8.
Perhaps it was inevitable that hackers would turn their wiles to preying on voters’ fears, given the heat of the current race. Phishing attacks have focused on emails with subject lines such as “Update your voter registration,” as well as candidate-specific come-ons such as, “Trump Withdraws from Presidential Race” and “Hillary Clinton Indicted by FBI on Email Scandal.” The hackers’ goals are to persuade consumers to provide them with personal data, such as their Social Security numbers, or to download malware.
Aimee Picchi – CBS NEWS
Editorial: WikiLeaks sounds alarm about cybersecurity
Former Congressman Mike Rogers, a Brighton Republican, sees in the WikiLeaks a “big and dangerous” change in Russian policy.
The WikiLeaks dumps of Hillary Clinton campaign emails have ranged from titillating insider gossip to more disturbing revelations about the abuse of influence. For her opponents, they’ve been something of a treasure. But beyond partisan politics, everyone should be concerned by what the leaks say about the holes in American cybersecurity and the shifting rules of engagement with Russia.
The Detroit News