#GhostSec Weekly Security Alerts — Vulnerabilities, 0-Day, ISIS Threats, #GhostSquadHackers & More

This week’s US-CERT Cyber Security high vulnerability alerts include Adobe Connect, Apache PDFBox, Apache ActiveMQ, Cisco Prime Network Analysis Module (NAM) and HP Release Control. For version information and the full list of high, medium and low vulnerability risks, click here.

ISIS Has Threatened Attacks on the West During Ramadan & EURO 2016 — Report Suspicious Behavior on the Internet: https://ghostsec.info/report-terrorism.html

Krebs on Security — Got $90,000? A Windows 0-Day Could Be Yours

How much would a cybercriminal, nation state or organized crime group pay for blueprints on how to exploit a serious, currently undocumented, unpatched vulnerability in all versions of Microsoft Windows? That price probably depends on the power of the exploit and what the market will bear at the time, but here’s a look at one convincing recent exploit sales thread from the cybercrime underworld where the current asking price for a Windows-wide bug that allegedly defeats all of Microsoft’s current security defenses is USD $90,000…

Security News

NSA wants to Exploit Internet of Things and Biomedical Devices

The cyber attack vectors available to hackers will continue to grow as the Internet of Things (IoTs) become more commonplace, making valuable data accessible through an ever-widening selection of entry points. Although it’s not the hackers alone…

How to recover files encrypted by all Teslacrypt Ransomware variants

Experts from Cisco Talos team have improved their decryptor tool to allow the recovery of files encrypted by all the Teslacrypt Ransomware variants

In May, criminals behind the TeslaCrypt ransomware leaked online the master encryption key that allowed security experts to develop a decryption tool for the last variant of the threat.

“In surprising end to TeslaCrypt, the developers shut down their ransomware and released the master decryption key. Over the past few weeks, an analyst for ESET had noticed that the developers of TeslaCrypt have been slowly closing their doors, while their previous distributors have been switching over to distributing the CryptXXX ransomware. ” reported Lawrence Abrams from bleepingcomputer.com that also published a step by step guide to use the Teslacrypt decryption Tool…

Rothschild.Com Taken Offline by Ghost Squad Hackers

https://twitter.com/s1ege_/status/741414521756131332

Bolek Banking Trojan, a Carberp Successor is spreading in the wild

The Bolek banking Trojan is one of the successors of the notorious Carberp Trojan that targets both 32-bit and 64-bit Windows systems.

When the source code of the Carberp Trojan was leaked online, numerous threat actors developed their own variants. This process allowed a significant evolution of the malware that increased its sophistication across the time.

One of its successors recently spotted is the Bolek banking Trojan, a polymorphic threat that targets both 32-bit and 64-bit Windows systems…

Ransomware Now Comes With Live Chat Support

Victims of a new version of Jigsaw now have access to live chat operators to help them through the ransom payment process, Trend Micro says…

#OpKillary: Ghost Squad Hackers Dox Hillary Clinton

https://twitter.com/s1ege_/status/741414521756131332

Biggest Attacks Of 2016 (So Far)

An attack against a Ukraine power grid and major upticks in ransomware dominate the headlines in this Dark Reading mid-year report…

Wendy’s Finds More PoS Systems Hit by Malware

Fast food restaurant chain Wendy’s informed customers on Thursday that the number of locations where cybercriminals compromised point-of-sale (PoS) systems is much higher than initially estimated…

JPMorgan Hackers Plead Guilty

Two Israeli citizens, arrested in Israel in July 2015 and extradited to the US this week pleaded guilty Thursday to orchestrating a computer hacking and fraud scheme that included, but was not limited to, the theft of personal information on 83 million customers from JPMorgan

Symantec Wants to Protect Your Car From Zero-Day Attacks

Symantec Expands IoT Security Portfolio to Connected Cars

Symantec this week introduced a new IoT security solution specifically designed to protect connected vehicles from zero-day attacks and never-before-seen threats…

George Soros Website Hacked by Ghost Squad Hackers

https://twitter.com/s1ege_/status/741796790249377792

“Gaza Cybergang” Attacks Attributed to Hamas

Researchers are fairly confident that the Palestinian terrorist organization Hamas is behind the cyber espionage group known as Gaza Hackers Team, Gaza Cybergang and Molerats…

— — —

DEF CON 24 is August 4–7 at Paris & Bally’s in Las Vegas!

$240 USD for all four days! Cash only at the door, there is no pre-registration.

BOOK A ROOM!

Click here for more information on DEF CON 24

&

Black Hat | USA is coming up:

July 30 — August 4, 2016 | Mandalay Bay | Las Vegas, NV

Trainings: July 30 — August 2

Sail Safe!

Like what you read? Give Official GhostSec a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.