ICYMI: Buffalo stampede; Airport attack?; Ransomware plus; Patching halted; Short URLs
The latest In Case You Missed It (ICYMI) looks at Malware targeting malware; Was airport attacked?; Ransomware, malvertising & phishing; Quicktime unfixed; Short urls a risk
What if malware is dispatched to attack inside a network where other malware already exists - does it first kill off the other malware?
Thanatos is a new strain of malware tooling that with the ability to scan a target network for other malware. Reports suggest that Thanatos is offered at a price of US$1,000 (£700) per month or US$ 12,000 (£8,300) for a lifetime subscription. More
Reports of a large cyber-attack are currently being investigated by the Swedish civil aviation administration, the LFV(Luftfartsverket) (LFV).
In early November last year, air traffic control centres around Sweden went down and air traffic controllers at Arlanda, Landvetter and Bromma airports couldn't see airplane traffic on their screens, resulting in the cancellation of many flights.
Initially, a solar storm was blamed for the outage. But Aldrimer.no, a Swedish news outlet, says sources have told them that during the outage, authorities sent warnings to NATO that air traffic control centres were under attack. Those warnings were then relayed to neighbouring countries Norway and Denmark. Subsequently they are reiterating that it was a solar storm. More
Malwarebytes researchers spotted what they called the “perfect storm” of ransomware, malvertising, phishing attacks, and other malware following the breach of a popular forum dedicated to “Celebgate” leaked nude photos.
On, 12 April, haveibeenpwned tweeted that the forum was compromised and exposed 179,000 accounts, 30 percent of which had already been compromised in previous breaches. Among the malicious ads researchers spotted was a pornographic popup that attempted to load SLocker ransomware, a message posing as a United Nations warning, and other messages attempting to extort users. More
The security flaws in the Windows version of Apple's media player, Quicktime will be left open as Apple announces its intention to stop patching it.
Apple's Quicktime will no longer be patched for Windows. Users of QuickTime for Windows have been warned to uninstall the product after Apple deprecated support for the product despite two active security vulnerabilities. More
Short URLs produced by bit.ly, goo.gl, and similar services are so short that they can be scanned by brute force, according security researchers.
The problem was exposed by Martin Georgiev and Vitaly Shmatikov following investigations of abridged web addresses used by companies such as Google, Microsoft and bit.ly.
In a report called “Gone in Six Seconds: Short URLs Considered Harmful for Cloud Services”, the pair described how flaws in these services can be exploited to find private documents in OneDrive and location information from Google Maps. More