Techdirt: Malware Hunts And Kills Poorly Secured Internet Of Things Devices Before They Can Be Integrated Into Botnets. “Researchers say they’ve discovered a new wave of malware with one purpose: to disable poorly secured routers and internet of things devices before they can be compromised and integrated into botnets.”
PC World: There’s now a tool to test for NSA spyware. “Luke Jennings of security firm Countercept wrote a script in response to last week’s high-profile leak of cyberweapons that some researchers believe are from the U.S. National Security Agency. It’s designed to detect an implant called Doublepulsar, which is delivered by many of the Windows-based exploits found in the leak and can be used to load other malware.”
Naked Security: Ransomware hidden inside a Word document that’s hidden inside a PDF. “SophosLabs has discovered a new spam campaign where ransomware is downloaded and run by a macro hidden inside a Word document that is in turn nested within a PDF, like a Russian matryoshka doll. The ransomware in this case appears to be a variant of Locky. Most antivirus filters know how to recognize suspicious macros in documents, but hiding those documents inside a PDF could be a successful way to sidestep it, according to SophosLabs researchers.”
Hacker News: Beware! Dozens of Linksys Wi-Fi Router Models Vulnerable to Multiple Flaws. “Bad news for consumers with Linksys routers: Cybersecurity researchers have disclosed the existence of nearly a dozen of unpatched security flaws in Linksys routers, affecting 25 different Linksys Smart Wi-Fi Routers models widely used today.”
CIO: IoT malware clashes in a botnet territory battle. “Mirai — a notorious malware that’s been enslaving IoT devices — has competition. A rival piece of programming has been infecting some of the same easy-to-hack internet-of-things products, with a resiliency that surpasses Mirai, according to security researchers.”
Gizmodo: How to Spot a Link You Shouldn’t Click On. “Even as our tech gets increasingly sophisticated and intelligent, sometimes it’s falling for the oldest tricks in the book that breach the security walls we’ve put in place—like clicking on dodgy links or shady attachments that we shouldn’t. You don’t have to get tripped up by these simplest of scams though, if you know what you’re looking for.” Covers lots of scenarios, though I would have liked more external tools.
The Intercept: Leaked NSA Malware Threatens Windows Users Around the World. “The ShadowBrokers, an entity previously confirmed by The Intercept to have leaked authentic malware used by the NSA to attack computers around the world, today released another cache of what appears to be extremely potent (and previously unknown) software capable of breaking into systems running Windows. The software could give nearly anyone with sufficient technical knowledge the ability to wreak havoc on millions of Microsoft users.” Read the update at the end for a few interesting – and eyebrow-raising – bits.