SMS App Exposes Messages of Millions
Despite the weeks of effort from the developer, GO SMS Pro an instant messaging app with over 100 million users is still suffering from messages being leaked. What originated as a bug has left the messaging app critically flawed for upwards of three months, with no clear signs of resolution, as even new versions of the app have been unable to rectify the problem. The researchers who discovered the flaw were able to view video and picture messages, along with other private messages, due to the URL shortening that occurs when the messages are sent to contacts that don’t have the app installed.
Default Passwords Compromising Radiology Equipment
Spreading across a wide range of medical equipment, researchers have discovered that GE implemented default passwords, that can be easily found online. These passwords are used by technicians to perform routine maintenance but could be illicitly used to take control of the machines or cause them to malfunction. To make matters more difficult, users are unable to change these credentials on their own and require a certified GE tech to come on-site to make the adjustments. While GE has stated that they don’t believe an unauthorized access has been identified, the critical nature of these machines makes this a high priority vulnerability.
Payment Card Skimmers Hiding in CSS
The latest evasion tactics being used by payment card skimmers is camouflaging themselves into the CSS of the compromised e-commerce site. The skimmer in question is run by the Magecart group, which is known for staying on the latest edge of evading current detection software and finding better methods for boosting longevity on compromised systems. The embedded script launches when the customer starts the checkout process, by redirecting them to a new page, and begins stealing any information that is entered into the form.
Trickbot Spreading Through Subway Marketing Emails
Customers of Subway UK have been receiving confirmation emails regarding a recent order, but instead contained malicious links that initiated the download of Trickbot malware onto the current device. Subway has since disclosed that they found unauthorized access on several of their servers, which were then used to launch the email campaign. For any users that did click on the malicious link, there is a known process that will be running in the Task Manager, which can be terminated by the user to stop additional illicit activities that are typical of a Trickbot infection.
Ransomware Strikes City of Independence, Missouri
Officials for the City of Independence, Missouri have been working for the past two weeks to recover from a ransomware attack that forced them to take several essential services offline. Fortunately, there were some recent file backups that are being used to restore some of the encrypted systems to normal functionality. At this point, officials are still uncertain if any customer or employee data was stolen during the attack, and no ransomware group has come forward to take credit for the attack or post stolen data for sale.