This Week in Cybersecurity News
CozyDuke APT Group Believed to have Targeted White House and State Department by Ashley Carman, SC Magazine
The APT group known as CozyDuke is suspected to be behind the attack on the White House and State Department. Researchers also believe CozyDuke was behind attacks on other government organizations and commercial entities in the U.S., Germany, South Korea and Uzbekistan. In the more recent campaigns, CozyDuke is using the standard Windows API and phasing out custom features from prior campaigns to simplify the process.
Zero-Day Malvertising Attack Went Undetected For Two Months by Kelly Jackson Higgins, Dark Reading
An Adobe Flash Player zero-day exploit was embedded in online ads for close to two months in an attack that targeted US users with a ransomware payload. The vulnerability was patched on February 2, bringing an end to the campaign, but attacks using the exploit were found as early as December 2014 and targeted the websites of Dailymotion, Huffington Post, answers.com, and New York Daily News, among others.
SSL Certificate Flaw Allows Hackers to Crash Devices Running iOS 8 by Fred O’Connor, IDG News Service
A flaw found in iOS 8 allows attackers to render devices useless if they’re within range of a fake wireless hotspot. The flaw lies in how iOS 8 handles SSL certificates, and it allowed researchers to make apps running on iOS 8 devices crash or to place the device in a constant reboot cycle. Users should update to the latest version of iOS and avoid using suspicious free networks.
Researchers have discovered an exploit that enables cybercriminals to track keystrokes and mouse clicks in a web browser. The exploit is effective against machines using a late-model Intel CPU, such as a Core i7, and a browser that supports HTML5. The attack is performed by JavaScript served from a malicious web ad network.
Financial Botnets Go Beyond Banking to Hit Payroll, HR Portals by Robert Lemos, eWeek
Researchers have found that, following the takedown of high-profile botnets like Gameover Zeus, the operators behind banking botnets are expanding, going after smaller banks and targeting other areas such as corporate accounting and payroll systems.
ICYMI Threat Geek Post of the Week: The Internet’s New Superfriends?