Intelligence Briefing – Q1, 2015

Cybercriminals testing new PoS malware, “Poslogr.”
Dec. 1 — Researchers with Trend Micro detected a new, multicomponent point-of-sale (PoS) malware dubbed “TSPY_POSLOGR.K” that is under development and bears similarities to a recently discovered variant of the BlackPoS malware. Poslogr is designed to read the memory linked to specific processes and collect payment card information, and researchers continue to work towards identifying which processes are scanned by the malware.

_____________________________________________________

FIN4 attack group targets firms for stock market profit.
Dec. 1 — FireEye researchers published a report on a group of attackers known as FIN4 that has targeted high-level figures at various financial services companies, advisory firms, and regulators in order to obtain inside information on business decisions for possible use in stock trading. The group has been active since mid-2013 and uses Visual Basic for Applications (VBA) macros in Microsoft Word documents and links to fake Outlook Web App login pages in order to obtain user names and passwords.

_____________________________________________________

OpenVPN versions released since 2005 affected by critical flaw.
Dec. 2 — The developers of the open-source virtual private network software OpenVPN released a new version of the software to address a critical denial of service (DoS) vulnerability which could allow authenticated attackers to cause servers to crash. The vulnerability affects all OpenVPN 2.x versions released since 2005 as well as OpenVPN Access Server versions prior to version 2.0.11.

_____________________________________________________

Low-risk cybersecurity issue found at nuclear plant.
Dec. 2 — The operators of the PPL Susquehanna Steam nuclear power plant in Salem Township stated that they were in the process of correcting an undisclosed cybersecurity issue at the plant identified by the U.S. Nuclear Regulatory Commission (NRC). The issue was described as low-risk, and interim measures were put in place following the NRC inspection to address the vulnerability until the permanent measures are complete.

_____________________________________________________

Detroit goes dark: Massive power outage affects courthouse, schools and more.
Dec. 2 — An electrical grid failure in downtown Detroit Dec. 2 caused a loss of power to the Frank Murphy Hall of Justice, Coleman A. Young Municipal Center, public schools, the Joe Louis Arena, the City-County building, and several other commercial buildings. Detroit Public Schools dismissed students early while the Detroit Historical Museum and Detroit Institute of Arts closed as crews worked to restore power following the rescue of dozens of people from affected buildings.