The “Quadrooter” firmware vulnerability that Check Point discovered in Qualcomm chipsets powering Android devices is worrisome but not, apparently, being exploited in the wild. Qualcomm has been issuing updates since April that may have fixed the issue in many devices. A general patch is expected next month.
Symantec and Kaspersky independently warn of a new APT group they’re calling either “Strider” or “ProjectSauron.” The group is thought to be state-sponsored, but hasn’t been attributed yet to any state. Kaspersky says the APT has operated against “government agencies, telecommunications firms, financial organizations, military and research centers in Russia, Iran, Rwanda, China, Sweden, Belgium and Italy” since 2011. Strider (or ProjectSauron) seems highly targeted, and particularly interested in encryption software. Symantec reports that the group (which reminds them of “Flamer”) uses Remsec malware to establish backdoors.
A Russian organized crime mob, thought to be Carbanak, has compromised Oracle’s MICROS point-of-sale system. Oracle has advised affected customers to reset passwords. Other remediation is underway.
Skycure warns of rogue Wi-Fi hotspots around the Rio Olympics.
As the US considers enhancing the status of US Cyber Command, observers suggest that the world collectively (and its security and defense sectors especially) needs to devote some thought to reaching clarity about conflict in cyberspace and how it relates to actual, lethal, kinetic warfare.
In law enforcement news, Ireland’s Garda upgrades its defenses after the cyberattack it recently sustained, Australia sets up a cyber unit to track terrorist funding, and the US prepares to auction off Bitcoin seized from Silk Road.