Security Alert

SECURITY ALERT: New Malware that wipes your hard drive

That headline is somewhat misleading, as the primary goal of this malware is to steal credentials and monitor everything you do on the internet (like banking and social media). It is very hard to detect, and in that way it is advanced.

It takes evasive action, avoids sandboxes, and escapes analysis all to go undetected. What makes it special (similar to the malware that infected Sony) is that when detected, it can erase the Master Boot Record which basically makes the computer inoperable.

Sources:
ThreatPost
ZDNet
Sophos NakedSecurity
KnowBe4

More health care hacks

Health care is the new favorite target of hackers trying to steal patient records.

So far this year we have had several major breaches.
Anthem (70 million affected people)
Premera (11 million affected people)

The newest hack is Carefirst (1.1 million people and growing), and it was pulled off in similar fashion as the Anthem and Premera hack using fake domains like we11point.com instead of wellpoint.com.

Sources:
Bloomberg
Krebs On Security
ZDNet
ThreatPost

Starbucks and Uber app hacked

In separate stories both Uber and Starbucks apps were hacked. The root of both hacks are users “using the same email and password on multiple services”

Starbucks allows you to link your app with your bank account, credit card and PayPal to make it easier to pay at checkout. Attackers are breaking into the Starbucks account and stealing money from the linked account. If you are using Starbucks app, change your password immediately and check any accounts for fraud. Uber was hacked in a similar fashion.

Sources:
USA Today
CNN
Vice.com
Vice.com
ThreatPost

 

IRS Hacked – 100k Tax Records Stolen

IRS
Krebs On Security
ThreatPost
USA Today