The Webroot Weekly Digest: 4/13/18

  • 13 April 2018

This is a weekly highlight of the best articles and news going on in the Community.
 
See any stories that catch your interest? What would you like to see in the future? Let us know in the comments below!
 


 
 
Webroot’s New Blog Page!
 
Webroot has a new page for our blog. Stop by and check it out!
 
_____________________________________________________
 
What Social Media Platforms and Search Engines Know About You
 
As Facebook founder and CEO Mark Zuckerberg testifies before the US Congress this week on protecting user data, here is a primer on what they know about you:
  
Facebook, which has more than two billion users, has access to everything you do on the site: the photos and videos you post, your comments, your 'likes,' anything you share or consult, the identity of your friends and any other users you interact with, your location and other information. 
 
Ditto for Instagram and WhatsApp, which are owned by Facebook, and for Snapchat and Twitter. A user can control some sharing of their Facebook data with privacy settings and the ad preferences page. See here for the full article!
 
_____________________________________________________
 
Stealing Credit Cards from FUZE via Bluetooth
 
This article covers FUZE Card, a Bluetooth-enabled reprogrammable credit card. The size and shape of a regular credit card, FUZE promises to be "your whole wallet in one card."

After receiving a FUZE Card from @MBHbox (his blog), I decided to take a careful look at it. In the process, I X-rayed the card, fully reverse engineered its Bluetooth protocol, and found a security vulnerability that allows credit card numbers to be stolen via Bluetooth (CVE-2018-9119).

ICE9 reported this vulnerability to BrilliantTS, the maker of FUZE, but they did not respond to repeated follow-ups and did not take action on the basis of our report. As of this writing, CVE-2018-9119 continues to be exploitable on production FUZE Cards in the wild. See here for the full article!
 
_____________________________________________________
 
 
TrickBot banking trojan updated with new module
 
It's baaaaaaack.
 
Since inception in late 2016, the TrickBot banking trojan has continually undergone updates and changes in attempts to stay one step ahead of defenders. While TrickBot has not always been the stealthiest trojan, its authors have remained consistent in the use of new distribution vectors and development of new features for their product. On March 15, 2018, Webroot observed a module (tabDll32 / tabDll64) being downloaded by TrickBot that has not been seen in the wild before this time.
 
It appears that the TrickBot authors are still attempting to leverage MS17-010 and other lateral movement methods coupled with this module in an attempt to create a new monetization scheme for the group.
 
We go in depth on our blog into the behavioral analysis of TrickBot and provide insight into what might happen next. See here for the full article!
 
_____________________________________________________
 
RSA Conference 2018
 
Webroot will have a booth set up at the RSA Conference in Moscone Center in San Francisco from April 16-20! If you happen to be visiting the conference, stop by and say hi! For more information about RSA, visit here!
 
 

6 replies

Userlevel 7
Badge +63
Thanks Lara!
 
Cheers,
Userlevel 7
Badge +25
Thanks. Great info, but one piece of feedback. When you have lines like this:
"It appears that the TrickBot authors are still attempting to leverage MS17-010 and ...", any chance you could make the name (MS17-010) a link to more info? I have no idea what MS17-010 was. 
 
Thanks
Userlevel 7
Badge +63
@ wrote:
Thanks. Great info, but one piece of feedback. When you have lines like this:
"It appears that the TrickBot authors are still attempting to leverage MS17-010 and ...", any chance you could make the name (MS17-010) a link to more info? I have no idea what MS17-010 was. 
 
Thanks
 
Here is some info on MS17-010: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010
Userlevel 7
Badge +54
Thank you Lara.
Userlevel 7
Badge +62
Why, thank you Lara! 🙂
Userlevel 7
Badge +25
Thanks Daniel. I did go and Google it finally (when I got home), but looked at your post first on my phone, and multiple browser windows are still not a good experience on a phone. I appreciate the link.
 
