Cybersecurity

A security researcher uncovered a series of flaws in Google's bug tracker database that allowed him to spy on the firm's entire list of dangerous bugs.

An unknown hacker reportedly put up millions of sensitive records stolen from Malaysian telecoms and network operators for sale on the dark web.

"In terms of targets, Ursnif malware configurations can be a mixed bag at times," IBM's X-Force research team said.

This week in cybersecurity was defined by major attacks and global concern - here are the biggest cybersecurity stories of the week as chosen by the IBTimes UK tech desk.

Upon analysis, multiple cybersecurity firms – including Cisco Talos, FSecure and Symantec – have now concluded that an exploit known as 'EternalRomance' helped the malware spread.

The lawsuit by voting transparency activists sought a review of the state's voting systems and called for an overhaul of its outdated election technology.

The Basetools site went offline shortly after the hacker dumped a sample of Basetools' database and posted the ransom demand.

Dell confirmed the URL was briefly taken over by another third-party at some point between June and July.

Twitter said the decision, which impacts "all accounts" owned by the outlets, is effective immediately. It cited the alleged Russian interference during the 2016 US election.

The scam involves hackers tricking victims into divulging their wallet account passwords, which they would then use to clear out the victims' wallets.

The analysts found a cache of files belonging to the Equation Group, an extraordinarily powerful band of hackers that would later be exposed as an arm of the NSA.

Dark web vendors are selling credentials to hacked Remote Desktop Protocol (RDP) servers, which allow hackers to spy on and steal data from companies, without using malware.

The news comes nearly a year after disclosures from the Panama Papers shook the global political elite and triggered investigations into prominent figures worldwide.

The data of Tarte Cosmetics' customers was left publicly exposed via two unsecured MongoDB databases, which were later accessed by the Cru3lty ransomware gang.

The hackers reportedly had control over Coinhive's domain name for around six hours.

The botnet has now been christened "Reaper" and is said to be expanding at a rapid pace, using unpatched vulnerabilities to infect millions of devices.

According to Group-IB, a cybersecurity firm, the virus now spreading is dubbed "BadRabbit" and is a form of ransomware that locks down machines and demands bitcoin.

The US government barred federal agencies from using Kaspersky's anti-virus products because of concerns about its ties to the Kremlin and Russian spy operations.

The malware is capable of stealing victims' contacts, reading and sending SMS messages and locking out users from accessing their phones.

So far, the ongoing FBI investigation has resulted in three cases against defendants across the US.

NCSC head Ciaran Martin confirmed that "hostile" nation-state hackers had hit Northern Ireland infrastructure in "significant" attacks.

Experts from ESET, a Slovakian antivirus company, said this week (23 October) that both Google and the real Poloniex crypto exchange have been notified.

The two-page file, lifted from the conference's website, was created on 4 October and researchers from Cisco Talos said attacks peaked three days later.

Hackers infected the installers of the Eltima Player and Folx apps with the Proton malware, which in turn was downloaded by unsuspecting users.

Research suggested that the new botnet is evolving at a rapid pace, and could soon be weaponised to launch cyberattacks in the same fashion as "Mirai" last year.

The programme encourages researchers to scour for bugs in select popular apps created by Google as well as third-party developers,

"According to our intelligence services, the Russian government has made a project of turning Americans against each other," Bush said.

The zero-day vulnerability, which was previously exploited by the BlackOasis group, was made public and patched on 16 October.

The hacker group has been active since 2014 and is particularly interested in naval industries, primarily focusing on targets in the US, Western Europe and the South China Sea.

Symantec researchers said these infected apps were downloaded between 600,000 and 2.6 million times.