Malware Targets Hillary-Haters With False Promise of Video Showing ISIS Payoff (Forbes)
Malware pushers know that when they launch a campaign against overzealous link clickers, they can always count on at least a few people to fall for it. Bogus links targeting Clinton and Trump haters are a good example.
The latest is a malware campaign targeting the anti-Hillary folks with a promised video showing Clinton exchanging money with an ISIS leader.
According to Forbes, the link is delivered under the heading “Clinton Deal ISIS Leader caught on Video.” The email reads:
Hillary clinton (sic) caught on video exchanging money with ISIS leader in 2013. After watching the video clip you can then decide on who to vote. Sentiment is not enough to choose who to vote.
Click the link and you’ll get malware instead of a video. Specifically, it’s a .zip file with a Java remote access Trojan and two Visual Basic Script (VBS) files.
Symantec uncovered and documented the scam.
WhatsApp Angers Users Over Facebook Data Sharing (InfoSecurity Magazine)
More than a few people are pissed off at messaging service WhatsApp for privacy changes that will see it share more personal data with parent company Facebook.
In a blog outlining the change to its terms and conditions, WhatsApp said the changes will allow it to, “track basic metrics about how often people use our services and better fight spam on WhatsApp.”
Jonathan Armstrong, partner at law firm Cordery, told InfoSecurity Magazine that changes like this could cause regulatory problems if users feel they haven’t been adequately notified.
DoD Taps DEF CON Hacker Traits For Cybersecurity Training Program (Dark Reading)
For the second year running, the Defense Department sent one of its top directors to DEF CON in Las Vegas earlier this month — not to recruit attendees, but learn from them.
Frank DiGiovanni, director of force training in DoD’s Office of the Assistant Secretary of Defense for Readiness, told Dark Reading’s Kelly Jackson Higgins he was there “to really learn from people who come to DEF CON … Who are they? How do I understand who they are? What motivates them? What sort of attributes” are valuable to the field?”
He interviewed more than 20 different security industry experts and executives while there, asking, among other things, “If you’re going to hire someone to either replace you or eventually be your next cyber Jedi, what are you looking for?” It’s all part of DiGiovanni’s mission to “develop a state-of-the-art cyber training program that ultimately helps staff the military as well as private industry with the best possible cybersecurity experts and to fill the infamous cybersecurity skills gap today.”
Higgins writes that the program likely incorporate an ROTC-style model where DoD trains the students and they then owe the military a certain number of years of employment.