Cyber Security News Update 12/29/2017

The last Cyber Security News Update of 2017 is here, and what a year it was. To wrap up this week we’ve got cryptocurrency hostage exchanges, leaky code and Samsung’s SOP bypass.

Pavel Lerner, the managing director of a cryptocurrency exchange in Ukraine, was kidnapped on December 26th while leaving his office. He works for EXMO, a large exchange, and is also an expert on blockchains and cryptocurrency in general. He was dragged away in a black Mercedes-Benz Vito and hasn’t been heard from since. It’s currently believed that he’ll be ransomed back for some amount of untraceable cryptocurrency. This kidnapping is horrible, and it raises a disturbing question: will there be more criminal acts now that untraceable currencies exist? There’s technology now to track individual pieces of real currency and the people who’ve interacted with it, but untraceable cryptocurrencies like Monero exist. This abduction may also be the opening move of a robbery attempt on the EXMO exchange, so if you have currency there it may be time to withdraw it. Watch your account in the coming days.
Source: CEO of Major UK-Based Cryptocurrency Exchange Kidnapped in Ukraine

Ancestry.com is a well-known website that helps people see who’s in their family tree. It requires a DNA sample, which gets tested, and they also dig through records. While it might not seem like an identity threat, it really is, the more you think about it. The names of your family are recorded there, and most people use familiar names when they generate their passwords or security questions. To go really off the deep end, there’s also literally a record of your DNA on file, and that’s pretty personal. At a reasonable level again, they also store credit card information and social security numbers. So it was concerning when Ancestry.com reported that they had to close off access after discovering that some 300,000 passwords had been leaked due to their root code. They’ve reported that of the 300,000 passwords stolen, most are for inactive trial accounts or for access to their messaging boards. Roughly 7,000 of them are for active accounts, however, and while they say the actual credit card data wasn’t stored on the server, that’s not all that comforting. So far, according to the company, no “malicious third party” has accessed the data, but they’re also refusing to comment on how they left this data unsecured in the first place or for how long.
Source: Leaky RootsWeb Server Exposes Some Ancestry.com User Data

Samsung Android phones that come with a preinstalled browser application are at risk. A security flaw allows attackers to take data from the phone by bypassing the Same Origin Policy (SOP), the rule that allows web pages from the same website to interact with each other while excluding others. This flaw comes from the way the phone utilizes JavaScript to open new tabs or operations. The JavaScript can override the SOP, which means a malicious website can get into the phone’s data when the user visits it. It’s believed that attackers will only be able to take passwords and cookies, but both of those are things you don’t want falling into someone else’s hands.
Source: Critical “Same Origin Policy” Bypass Flaw Found in Samsung Android Browser
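
The check the Same Origin Policy is supposed to enforce, sketched as an added example (not code from the article or from Samsung's browser). The helper names and the example.com / example.net URLs are assumptions for illustration.

```javascript
// Added illustration of the Same Origin Policy check; not Samsung's code.
// An origin is the (scheme, host, port) tuple of a URL.
function originOf(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return null; // unparsable input never gets an origin
  }
  // data:, javascript:, about: and file: URLs have an opaque origin,
  // which the URL API reports as the string "null".
  if (url.origin === "null") return null;
  return url.origin; // normalized: lowercased host, default port dropped
}

// True only when both URLs have a real (non-opaque) origin and the tuples match.
function sameOrigin(a, b) {
  const oa = originOf(a);
  const ob = originOf(b);
  return oa !== null && ob !== null && oa === ob;
}

// Hypothetical helper: may script running in `openerUrl` read the document
// and cookies of a tab that is showing `targetUrl`?
function mayReadTab(openerUrl, targetUrl) {
  return sameOrigin(openerUrl, targetUrl)
    ? { allowed: true, reason: "same origin" }
    : { allowed: false, reason: "cross-origin access blocked" };
}

// Constructed sample pairs (placeholder domains).
const samples = [
  ["https://example.com/inbox", "https://example.com:443/settings"],
  ["https://example.com/", "http://example.com/"],
  ["https://example.com/", "https://mail.example.com/"],
  ["https://example.net/page", "https://example.com/inbox"],
  ["javascript:void(0)", "https://example.com/inbox"],
];
for (const [opener, target] of samples) {
  console.log(opener, "->", target, mayReadTab(opener, target));
}
```

Only the first pair is allowed; a different scheme, a different host, or an opaque origin is refused, which is the separation a SOP bypass removes.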