Just another week in ThreatWatch, our regularly updated index of noteworthy data breaches.
In case you missed our coverage this week in ThreatWatch, Nextgov’s
Older Samsung devices are vulnerable to a remote attack that makes the devices reboot over and over, according to security researchers.
Context Information Security researchers identified a bug in Samsung Galaxy S4, S4 Mini, S5 and Note 4 models that allows malicious code to be sent in an SMS and execute without a user action, Help Net Security reports.
“Given the reversible nature of this attack (a second SMS could be sent that restored the device to its unbroken state) it does not require much imagination to construct a potential ransomware scenario for these bugs,” the researchers wrote.
A user could stop an infected device from rebooting, but it requires a factory reset that would erase all the device’s data.
Researchers notified the Samsung security teams, which released patches in November.
The president, vice president and the first lady need to select tougher security standards for their Twitter accounts, according to a hacker.
WauchulaGhost, who previously hacked into hundreds of Twitter accounts that supported the Islamic State group, tweeted the @POTUS, @FLOTUS and other White House officials’ Twitter accounts aren’t using the more advanced security features available. A simple password reset displays a partial email address to anyone curious enough to attempt it.
“It’s not hard for us to go figure out that email,” WauchulaGhost told CNN.
That email address is key to taking over a Twitter account (and many other accounts). An attacker first gains access to that email account, and then can simply reset a Twitter password to take control of it.
WauchulaGhost recommended selecting the Twitter settings that require users to verify phone numbers or emails before resetting a password. The White House Communications Agency, which manages accounts like the president’s, has protocols beyond two-factor authentication, a Twitter spokesperson told CNN.
Unknown hackers targeted Lloyds Banking Group with a denial-of-service attack, blocking some customers from logging into online services, according to reports.
The Financial Times reported an international crime gang swamped U.K. banking websites, including Lloyds, with bunk traffic that prevented some customers from checking balances or sending payments for multiple days.
Lloyds in a statement acknowledged intermittent services issues, but declined to speculate on the cause.
The bank is working with the U.K. cybersecurity authority, National Cyber Security Centre, to investigate the incident, the BBC reports, and no money appears to have been stolen.
Last month, hackers accessed the accounts of U.K. bank Tesco, swiping small amounts of cash from 20,000 of them.