According to the WSJ, approximately 40 U.S. states are working closely with the DHS to protect their voting systems. Hackers have scanned the election systems of at least 20 states, U.S. officials said, and now many states across the country are working to protect their election systems from digital tampering.
The Office of the Comptroller of the Currency, an independent arm of the Treasury Department that “ensures the safety and soundness of the national banking system,” disclosed that the organization was breached due to a former employee’s unauthorized removal of more than 10,000 records. The breach occurred in November 2015 when a former employee downloaded a large number of files onto two thumb drives before retiring from the agency. The OCC said data on the thumb drives were encrypted and there is no evidence that data taken by the employee were “disclosed” or “misused.”
Google disclosed a new Windows zero-day vulnerability that has been used in an unknown number of attacks. Microsoft has not yet issued a fix for the flaw, which Google said is a local privilege escalation vulnerability in the Windows kernel. The vulnerability could be used to escape the sandbox and execute code on the compromised device. According to Google researchers Neel Mehta and Billy Leonard, hackers already knew about the vulnerability and were using it to compromise people’s machines.
Researchers at security company Verint discovered a new variant of the Nymaim dropper. The updated malware includes new delivery and obfuscation methods, and uses PowerShell routines to download payloads. The updated dropper, used primarily to download banking Trojans in the past, has also been spreading ransomware. “Unlike the 2013 variant of the dropper, which was almost exclusively distributed via drive-by-downloads, the new incarnation brings to the table new features and is spread through spear phishing,” wrote Threatpost.
Researchers at Cylance discovered new malware that targeted Mac users looking to download Chrome. The malware authors cleverly used AdWords to deliver the malware when users conducted a Google search for the Chrome download.
An SQL injection vulnerability was discovered in Belkin’s WeMo home automation firmware that could allow a third party with local network access to gain root access to other connected devices. Researchers at Invincea Labs discovered the vulnerability and issued a warning about the bug, which allows anyone on the same network to hack the app and get access to the user’s cellphone, giving the intruder the ability to download all photos and track the user’s position.