Articles for August 2017

The FBI has arrested a Chinese citizen for allegedly distributing malware used in the 2015 massive OPM breach that resulted in the theft of personal details of more than 25 Million U.S. federal employees, including 5.6 Million federal officials’ fingerprints.

Yu Pingan, identified by the agency as the pseudonym “GoldSun,” was arrested at Los Angeles international airport on Wednesday when he was arrived in the United States to attend a conference, CNN reported.

The 36-year-old Chinese national is said to face charges in connection with the Sakula malware, which was not only used to breach the US Office of Personnel Management (OPM) but also breached Anthemhealth insurance firm in 2015.

Read more here.

A massive database of 630 million email addresses used by a spambot to send large amounts of spam to has been published online in what appears to be one of the biggest data dumps of its kind.

A French security researcher, who uses online handle Benkow, has spotted the database on an “open and accessible” server containing a vast amount of email addresses, along with millions of SMTP credentials from around the world.

The database is hosted on the spambot server in Netherlands and is stored without any access controls, making the data publicly available for anyone to access without requiring any password.

Read more here.

Vicious family of the file-locking malware becomes the latest form of ransomware not content with inflicting one form of misery on victims.

Source: Ransomware 2.0: Spora now steals your credentials and logs what you type | ZDNet

As part of the No More Ransom initiative, Avast Antivirus has released a tool that decrypts files locked by LambdaLocker ransomware.
Victims of LambdaLocker ransomware can now get their files back for free using a decryption tool released as part of the No More Ransom initiative.

The scheme was launched last year, with the goal of bringing law enforcement and private industry together to fight file-locking malware.

No More Ransom recently celebrated its one-year anniversary, and now offers over 50 decryption tools for use against more than 100 ransomware families.

Now cybersecurity researchers at Avast Antivirus have added a decryption tool for LambdaLocker to the portal, allowing victims to retrieve their files without paying the 0.5 Bitcoin ($2,200) ransom that attackers demand in exchange for the cryptographic key.

Source: LambdaLocker ransomware victim? Now you can decrypt your files for free | ZDNet

Recent versions of several Chrome extensions have been compromised to spread malicious ads.

Source: Google Chrome under attack: Have you used one of these hijacked extensions? | ZDNet

My own testing has shown that 53% of end users are vulnerable to phishing scams.  Are you safe?
Hired hackers share real-world stories of breaking into computer systems (legally) through phishing scams and other high-tech mischief

Source: “I Had Six Backdoors Into Their Network In Less Than An Hour.”

And this is why I cannot recommend the Surface Pro or Surface Book to anyone…

The move is a hit to Microsoft’s hardware business and many of the reliability problems appear to be software related.

Source: Consumer Reports pulls recommended ratings on Microsoft Surface laptops based on reliability scores | ZDNet

Microsoft has joined Apple, Google, and Mozilla in disabling security certificates from Chinese company WoSign and its StartCom subsidiary.

Source: Microsoft dumps notorious Chinese secure certificate vendor | ZDNet

Leaks and dumps are handing more tools for creating ransomware and other malicious software to cybercriminals.

Source: Ransomware turns even nastier: Destruction, not profit, becomes the real aim | ZDNet

People continue to be the weakest link in any secure network…

If you are a die heart fan of ‘Game of Thrones’ series, there’s good news for you, but obviously bad for HBO.

Hackers claim to have stolen 1.5 terabytes of data from HBO, including episodes of HBO shows yet to release online and information on the current season of Game of Thrones.

What’s more? The hackers have already leaked upcoming episodes of the shows “Ballers” and “Room 104” on the Internet.

Additionally, the hackers have also released a script that is reportedly for the upcoming fourth episode of “Game of Thrones” Season 7.

Read more here.