In-brief: a survey of cyber criminal groups by Flashpoint revealed that secure messaging apps are becoming more popular, but that security isn’t the only thing motivating online criminals.
Government
Podcast: Hack, or Phreak – What Really Happened in Dallas?
In-brief: The April 7th hijacking of more than 100 civil defense sirens in Dallas was dismissed as an “old school” hack that relied copycat radio tones to set off a cacophony that lasted for nearly two hours. But was it? Security researcher Mark Loveless (aka “Simple Nomad”) has his doubts about the official explanation. In this latest Security Ledger podcast, he talks to Editor in Chief Paul Roberts about what might have really gone down in Dallas.
DHS warns of BrickerBot Threat to Internet of Things
In-brief: the Department of Homeland Security is warning about destructive attacks by BrickerBot, a new piece of malicious software that attacks Linux devices and renders them useless, wiping out critical configuration information and data from the devices.
Update: FDA says St. Jude Medical knew about Device Flaws 2 Years Before Muddy Waters Report
In-brief: In a damning report, the FDA said that St. Jude Medical* knew about serious security flaws in its implantable medical devices as early as 2014, but failed to address them with software updates or other mitigations, or by replacing those devices. (Editor’s note: updated to include a statement from Abbott and comment from Dr. Kevin Fu. – PFR April 14, 2017)
Leaked CIA Tools Linked to Known Cyber Espionage Group | Symantec
In-brief: We don’t know if the Vault 7 tools belonged to the CIA. We do know that they were used by a group Symantec dubbed Longhorn that possessed powerful zero day exploits, never attacked computers in the US and used code words taken from lyrics by 80s band The Police, so…
