EternalSynergy, EternalRomance, and EternalChampion, leaked last year by the Shadow Brokers and used in the NotPetya pseudoransomware attacks, have been found to work on all unpatched versions of Windows from Windows 2000 on. RiskSense researchers determined the three alleged Equation Group exploits may be just as easy for attackers to use as the hitherto more popular EternalBlue bug. This discovery should spur laggards (there are many) who have yet to apply patches Microsoft issued last March.
On February 1st and 2nd the MacUpdate was briefly infested with cryptomining malware. MacUpdate has expelled the malicious software, but users who downloaded updates at the beginning of the month should check their systems.
Qihoo 360 NetLab warns that a new Monero cryptomining botnet affects Android devices in the wild. It infects through port 5555, which is used by the legitimate debugging tool Android Debug Bridge.
T-Mobile has issued a warning of an active SIM-hijacking campaign. The warning takes the unusual form of a mass text message. In the "phone number port out scam," the crook impersonates the victim in either a phone call or a visit to a phone store and request a new SIM card for the victim’s phone number. Phone passcodes or PINs can help ward off the scam.
Apple and Cisco have partnered with insurance giant Allianz in an arrangement that will give Allianz customers lower cyber insurance rates if they use certain Apple and Cisco products.
US Federal agencies and their contractors prepare to implement NIST information-sharing guidelines.