Zero Day Weekly: Hacking Team, Lizard Squad, OpenSSL patch, OPM director quits

Notable security news items for the week ending July 10, 2015. Covers enterprise, controversies, application and mobile security, malware, reports and more.


Welcome to Zero Day's Week In Security, our roundup of notable security news items for the week ending July 10, 2015. Covers enterprise, controversies, reports and more.

  • All U.S. flights on United Airlines were grounded for about two hours early on July 8 due to what the airline calls a "network connectivity issue" that kept airplanes out of the skies. The outage was reported by the airline to the FAA, which led to a stop that grounded the airline's mainline jets; an estimated 4,900 flights were impacted by the problem worldwide.
  • A malicious version of BatteryBot Pro App for Android was found on Google Play this week. The rogue app is designed to conduct ad fraud, send SMS messages to premium rate numbers, and download additional threats. BatteryBot is an application that monitors the battery of Android devices, and is installed on between 100,000 and 500,000 user devices.
  • A key Lizard Squad member has been convicted of 50,700 charges related to computer crimes this week, according to Finnish newspaper Kaleva. Julius "zeekill" Kivimaki, 17, recieved a two-year suspended sentence and must undergo monitoring of his online activities, according to Finnish media. He will not go to prison.
  • Some PDF files shown to Google are not the web pages seen by users. Although Google takes steps to prevent black hat search engine optimization (SEO) tactics, researchers with Sophos have observed an effective technique involving PDF files that could be used to promote potentially malicious websites.
  • TerraCom and YourTel America failed to adequately protect the personal information of more than 300,000 customers, the FCC said. The mobile and telecom service providers will pay a combined US$3.5 million after the U.S. Federal Communications Commission found that they were storing customers' personal data on unprotected servers accessible over the Internet.
  • Another day, another OpenSSL patch: The latest OpenSSL security hole (which allows attackers to impersonate any trusted server) isn't a bad one as these things go. It's no Heartbleed, Freak, or Logjam. But it's serious enough that, if you're running alpha or beta operating systems, you shouldn't delay patching it.
  • The director of the FBI called for a "robust" debate on encryption on Monday. FBI chief James Comey (again) warned that the increasing use of strong encryption will make it harder for law enforcement to access email or other digital conversations. Interestingly, he added, "It may be that, as a people, we decide the benefits here outweigh the costs and that there is no sensible, technically feasible way to optimize privacy and safety in this particular context, or that public safety folks will be able to do their job well enough in the world of universal strong encryption. Those are decisions Americans should make ... "
  • The attackers that targeted Apple, Facebook, Microsoft, and Twitter two years ago in a series of high-profile hacks are still active. The gang, which Symantec calls Butterfly, is not-state sponsored, rather financially motivated. It has attacked multi-billion dollar companies operating in the internet, IT software, pharmaceutical and commodities sectors. Twitter, Facebook, Apple and Microsoft are among the companies who have publicly acknowledged attacks. The hacking group, motivated by financial gain, is thought to target companies on request, and "ought to be taken seriously by corporations," said the research.
  • The New York Stock Exchange abruptly halted trading of all securities just after 8:30AM PT/11:30AM ET on Wednesday, prompting widespread speculation online that it had been hacked. The halt was part of two malfunctions the NYSE incurred that day. Such an event is not unprecedented. For example, nearly two summers ago Nasdaq halted trading abruptly due to technical difficulties.