Apple Pay with Visa Hacked to Make Payments via Locked iPhones
2021-09-30 15:26

An attacker who steals a locked iPhone can use a stored Visa card to make contactless payments worth up to thousands of dollars without unlocking the phone, researchers are warning. The problem is due to unpatched vulnerabilities in both the Apple Pay and Visa systems, according to an academic team from the Universities of Birmingham and Surrey, backed by the U.K.'s National Cyber Security Centre.

WireX DDoS botnet admin charged for attacking hotel chain
2021-09-30 13:14

The US Department of Justice charged the admin of the WireX Android botnet for targeting an American multinational hotel chain in a distributed denial-of-service attack. Izzet Mert Ozek, the defendant, used the botnet which consisted of tens of thousands of enslaved Android devices - more than 120,000 based on the unique IP addresses observed in some WireX attacks - to target the company's online booking system website in August 2017.

RansomExx ransomware Linux encryptor may damage victims' files
2021-09-30 13:00

Cybersecurity firm Profero has discovered that the RansomExx gang does not correctly lock Linux files during encryption, leading to potentially corrupted files. In a new report by Profero, Senior Incident Responder Brenton Morris says the RansomExx decryptor was failing on various files encrypted by the threat actor's Linux VMware ESXi encryptor for one of the victims who paid the ransom.

The Top Ransomware Threats Aren’t Who You Think
2021-09-30 12:50

Move over REvil, Ragnar Locker, BlackMatter, Conti et al: Three lesser-known gangs account for the vast majority of ransomware attacks in the U.S. and globally. While there seem to be legions of ransomware gangs, it turns out that just a handful of ransomware-as-a-service actors dominate the entire ecosystem of encryption-attack threats.

US Congress asks FBI to explain delay in helping Kaseya attack victims
2021-09-30 11:48

The House Committee on Oversight and Reform has requested a briefing to understand the rationale behind the FBI's decision to delay providing the victims of the Kaseya REvil ransomware with a universal decryption key for three weeks. "To understand the FBI's decision, the lawmakers are requesting a briefing from the FBI on its legal and policy rationale for withholding the ransomware key, as well as the FBI's overall strategy for addressing, investigating, preventing, and defeating ransomware attacks," the Committee said in a press release on Wednesday.

Thousands of University Wi-Fi Networks Expose Log-In Credentials
2021-09-30 11:29

A research team from WizCase, led by researcher Ata Hakçıl, reviewed 3,100 configurations of Eduroam at universities throughout Europe, finding that more than half of them have issues that can be exploited by threat actors. Eduroam assigns students, researchers and faculty members log-in credentials that allow them to obtain internet connectivity across different institutions by using credentials from their own university.

UK MoD data strategy calls for social media surveillance on behalf of 'local authorities'
2021-09-30 10:15

The Ministry of Defence has published a data strategy that calls on the British armed forces to make better use of its "Enduring strategic asset" - by spying on social media and dobbing in dissenters to local councils. In a move bound to fuel tinfoil hat-wearing conspiracy theorists, the MoD's Data Strategy for Defence document [PDF] published this week says the military ought to be carrying out "Automated scanning of social media platforms" to detect "Change in population sentiment."

Attacks against Remote Desktop Protocol endpoints have exploded this year, warns ESET's latest Threat Report
2021-09-30 09:30

Security specialist ESET's latest Threat Report warns of a massive increase in attacks on Remote Desktop Protocol endpoints - and new activity from the Nobelium gang against European government organisations. ESET's figures show attacks on RDP servers having gone up 103.9 per cent since its T1 report in June - it publishes three a year - representing a total of 55 billion detected brute-force attacks, thanks in no small part to a campaign focused on Spanish targets.

How much trust should we place in the security of biometric data?
2021-09-30 05:30

The opt-in nature of this process gives people much more control over the use of their biometric data. When asked to provide your fingerprints for identification purposes, how often do we consider how the matching is performed? Whilst standards exist for the robustness of fingerprint matching when used within the Criminal Justice System, can we assume that the same standards apply to border control systems? Generally, the fewer comparison points to be analyzed, the faster the matching system; in a border control situation where a large quantity of people are being processed, it is important to understand how much of a trade-off between speed and accuracy has occurred.