ISIS sympathizers return to the cyber offensive, in a way, defacing state government sites in Wisconsin with pro-Jihad messages. CSO characterizes the attackers as “script kiddies,” which is consistent with ISIS hacktivists’ track record.
In other notes on ISIS, the Combating Terrorism Center at West Point has worked through the data stolen from the jihadist group by a disillusioned adherent. Their conclusion is that the data are genuine. The defector, “Abu Mohammed,” broke with ISIS over the group’s enslavement of Yazidi women.
A Security Research Labs white hat has demonstrated smartphones’ vulnerability to eavesdropping and geolocation. The weak point, common to most phones and carriers, lies in the SS7 routing protocol. SS7 is used by more than 800 telecommunication companies worldwide to achieve mutual interoperability.
Proofpoint reports finding a new ransomware variant, “CryptXXX,” which they’ve traced to the criminal group behind Reveton. CryptXXX is being dropped by the Angler exploit kit.
Check Point has released its periodic report on the prevalence of various malware strains. The familiar Conficker, Sality, and Cutwail families maintain their position atop the leaderboard. The top three mobile strains are HummingBad, AndroRAT, and Iop.
The GozNym “double-headed” financial malware being tracked by IBM Security is apparently enjoying a successful run, netting some $4 million from US and Canadian banks.
Anonymous has opened a Dark Web communication service, hoping thereby to improve hacktivist skills and coordination.
The general shortage of cyber labor is affecting the black market. Recruiting traffic is exposing more criminal enterprises to threat intelligence analysts.