Hi, I’m Paul Torgersen. It’s Monday, July
15th, 2019 and this is a look at the information security news from overnight. From TechCrunch.com:
Recently we talked about how the TrickBot banking trojan learned how to steal cookies.
Well, now it has learned to send spam. Nicknamed TrickBooster, the malware sends emails from
a victim’s account, then removes the email from the sent folder to evade detection. It
appears to have collected more than 250 million email addresses to date. From BleepingComputer.com:
A new version of the 16Shop phishing kit has been observed in the wild, with more than
200 URLs aimed at collecting login information from Amazon customers. And just in time for
the Prime Days shopping extravaganza. A previous variant targeted Apple users looking for their
account and payment card information. See the Bleeping Computer article for full details. From TheRegister.co.uk:
A team of academics has found a simple method to defeat Bluetooth LE anti-tracking measures.
While the standard randomizes information, it still needs to be identified by other devices.
Which means there is a constant set of data. Attackers can sift through for that constant
data and track their victims. Back to the drawing board. From BleepingComputer.com:
Atlassian has patched a critical vulnerability that has affected Jira Server and Data Centers
since 2011. A template injection on the server side could be exploited without authentication
and could allow arbitrary code execution and lead to full compromise of the application
data and functionality. And from ZDNet.com:
Brazilian users have been targeted with a new type of router attack that has not been
seen anywhere else in the world. The attacks are nearly invisible to end users and can
have financially disastrous consequences. More than 180,000 routers have had their DNS
settings modified, redirecting infected users to malicious clone websites whenever they
tried to access e-banking. Details and links in the ZDNet article. And that’s all for me today. Have a great
rest of your day and until tomorrow, be safe out there.