ICYMI: Facebook malware; nude celeb hack; logons key; spambot; CeX hack

News by SC Staff

In Case You Missed It: Facebook spreads malware; Instagram celeb hack; Logon breach id key; Spambot weaponises 711 m accounts; CeX hacked

New malware and adware spreading through Facebook Messenger

A new advanced form of malware is using Facebook Messenger to infect victim's systems, security researchers warned. The malware was discovered by Kaspersky Labs researcher David Jacoby. On a blog post, he explained that the malware came to his attention after a friend sent him a link to a video file in Messenger. 

He said that the link points to a Google doc. The document has already taken a picture from the victim's Facebook page and created a dynamic landing page which looks like a playable movie. More...

Monitoring logons 'the most effective way to detect data breach'

Monitoring corporate logins is the most effective way to detect a data breach within an organisation, according to a new report on the ‘key indicators of compromise' by IS Decisions.

Mismatched port and application traffic, increases in data reads or outbound traffic, geographical irregularities regarding the perimeter of the organisation, and data access at irregular times and locations are other key indicators identified. But the one common activity across nearly all attack patterns, necessary to perform basic hacks on network perimeters and endpoint devices, and move laterally across devices to access data unlawfully, is use of corporate logins. It is involved in 81 percent of hacking-related breaches thus the key area upon which to focus efforts. More ...

Hackers leak more celeb nude pics - Dakota Johnson joins Miley Cyrus

Hackers leak more celeb nude pics - Dakota Johnson joins former sports couple Tiger Woods and Lindsey Vonn, actress Kristen Stewart, performers Miley Cyrus and Katharine McPhee, and model Stella Maxwell.The same hackers behind the unauthorised access of celebrities' iCloud accounts and the subsequent postings of nude photographs are believed to be behind the recent leak of nude photos of “Fifty Shades” actress Dakota Johnson. More...

Spambot weaponises 711M accounts to spread Ursnif malware

A Paris-based security researcher, by the pseudonym Benkow spotted a massive spambot, dubbed Onliner, weaponising 711 million email and server accounts to distribute phishing emails laced with malware looking to steal user data.

Benkow discovered the spambot on an open and accessible web server hosted in the Netherlands, that was being used to store dozens of text files containing the email addresses, passwords, and email servers used to send spam messages. more...

CeX data breach - up to 2 million hit - and at risk of future scams

Second hand games and electronics store CeX reported that it had been the victim of a massive data breach, issuing a statement to customers saying, “We have recently been subject to an online security breach. We are taking this extremely seriously and wanted to provide you with details of the situation and how it might affect you. We also wanted to reassure you that we are investigating this as a priority and are taking a number of measures to prevent this from happening again.”

Initially two million registered customers were sent a Q&A to keep them informed and advising them to change their passwords; separate reports say that is is around 2,000 customers who have had their data stolen – including  some customer personal information such as first name, surname, addresses, email address and phone number if this was supplied. More...

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews