Monthly News Roundup - July 2015 (TL;DR)

2015-08-12_Dark-Reading

NEWS

The US government scored a 1-1 win-loss record on cybercrime this month. The FBI coordinated the takedown of an infamous cybercrime forum. Win! However, there were ominous updates on the OPM breach. Loss. In addition, a new OpenSSL vulnerability and some high-profile hack attacks made headlines. All of July’s biggest infosec stories are in our monthly roundup, below:

  • Malvertisers Are Now Using SSL Redirects: An AOL-owned ad network is serving up malware to website visitors. The malicious ad sends visitors through a series of redirects before landing them on a page that installs malware (typically ransomware) on their device. The criminal ads have been spotted in Japan, Saudi Arabia, Germany, Turkey and Vietnam.
  • Notorious Cybercrime Forum Shut Down By Law Enforcement: The FBI announced the takedown of the notorious cybercrime forum Darkode. The operation, dubbed “Shrouded Horizon,” involved cooperation from 20 nations and resulted in the arrest of 70 people around the globe. Before it was dismantled, Darkode allowed members to buy and sell cybercrime services and products, as well as share ideas and advice on illicit hacking.
  • OPM has increased the total number of people affected and it has a new strategy to help victims: According to the new revelations from the US Office of Personnel Management, 21.5 million people were affected by the office’s recent data breach. The vulnerable information extended far beyond the typical identifiable information like Social Security Numbers and addresses. It covered victims’ personal details, including names of their family members, usernames and passwords, educational and health history, and in some cases, fingerprints. In addition to OPM’s efforts to aid victims, we here at Authentic8 extended Silo protection to anyone affected by the breach.
  • OpenSSL Flaw Allows Attackers to Impersonate Any Trusted Server: A security advisory announced an OpenSSL bug that could affect VPNs, protected websites and email servers. The vulnerability allows attackers to trick applications into accepting an invalid certificate. Once they succeed, criminals could intercept or modify transmissions between users and trusted servers. However, all major browsers and end-user apps appear to be protected against this flaw. The potential danger could still lurk in other apps that use their own code to verify certificates.
  • Harvard Hacked... Again: Even Ivy League smarty-pantses aren’t immune to cyber-threats. At the beginning of the month, Harvard announced it was the victim of a data breach. The digital break-in exposed passwords of students, faculty and university staff. In April, Harvard’s network suffered another attack when activists (or people pretending to be activists) took over the Web site of Harvard’s Institute of Politics.
  • UCLA’s Hospital Network Suffers Data Breach: Los Angeles-based medical network UCLA Health suffered a break-in that revealed sensitive records of 4.5 million people. When the breach was first detected in September 2014, the organization didn’t think that personal medical information had been stolen. Then in May, it was discovered that it had. UCLA Hospital System president, Dr. James Atkinson, apologized in a public statement. His group noted that they are under “near constant” attack and block millions of hacker attempts each year.