$100M ‘GozNym’ Bank Trojan Gang: 6 Arrested, 5 at Large

Who Ya Gonna Call? Goz’busters

These five handsome specimens are wanted for an alleged conspiracy—to steal $100 million from bank accounts. Six others are in custody after a coordinated operation by European and U.S. law enforcement. All are said to be part of the GozNym malware network.

The perps allegedly have infected 41,000 PCs via phishy spam campaigns. They’re alleged to have extracted money in real time, as victims typed in their banking credentials.

It’s a win for international cooperation. In today’s SB Blogwatch, we can’t unsee those faces.


Read more: securityboulevard.com/2019/05/100m-goznym-bank-trojan-gang-6-arrested-5-at-large

Cisco clueless about security, apparently: Meet Thrangrycat

3x U+1F63E: pissed pussies

Hundreds of Cisco products are vulnerable to a secure-enclave takeover. Dubbed Thrangrycat, it permits an attacker to hide a persistent threat inside the Trust Anchor module (TAm) of any number of Cisco networking boxes.

The kicker: The software image loaded by the TAm—the “bitstream”—is not encrypted, nor verified. I mean, seriously, what’s the point of it all?

Shouldn’t we all just give up now? It’s tempting. In this week’s Security Blogwatch, we try to ignore the researchers’ stupid, stupid use of emoji to name a vuln.


Read more: techbeacon.com/security/cisco-clueless-about-security-apparently-meet-thrangrycat

WhatsApp Zero-Day let NSO Spyware Pwn Phones

Oh No, NSO

A buffer-overflow vulnerability in WhatsApp is being exploited to remotely take over victims’ devices. All it took was a missed call to infect the app on iOS and Android.

The payload seems to have been the NSO Group’s Pegasus commercial spyware. This Israeli nasty is known for use against journalists, activists, lawyers, etc.—basically anyone certain governments want to spy on.

The patch is now available. In today’s SB Blogwatch, we scramble to update.


Read more: securityboulevard.com/2019/05/whatsapp-zero-day-let-nso-spyware-pwn-phones

Russia’s ‘Fake News’ Swirls in U.S. and Europe

Vlad Mad Bro?

Here come yet more stories of Russia interfering in elections, Moscow-sponsored attempts to sow discord and Putin-led conspiracy-theory spreading. But it has to be said: These tales are suspiciously thinly sourced.

This time, it’s happening in the theater of European Parliament elections. But there’s also a renewed effort to convince Americans that 5G will kill their children. Or something.

Sure, there could be a there there—but where? In today’s SB Blogwatch, we break out the popcorn.


Read more: securityboulevard.com/2019/05/russias-fake-news-swirls-in-u-s-and-europe

Photo App Pivots to Violating Its Users’ Privacy

MFW I Learned: WTF?

Ever AI is accused of playing fast and loose with user privacy. An investigation alleges it’s been using billions of private photos from millions of users to train an AI facial-recognition product—aimed at enterprises, police forces and the military.

The app, formerly known as EverRoll, doesn’t get informed consent from its users, say critics. Since the story broke, the company has updated its privacy policy a little, but that’s hardly the point.

On the face of it, this isn’t a good look for Ever. In today’s SB Blogwatch, we go live in a cave, forever.


Read more: securityboulevard.com/2019/05/photo-app-pivots-to-violating-its-users-privacy