Skip to main content
This is a weekly highlight of the best articles and news going on in the Community.

 

See any stories that catch your interest? What would you like to see in the future? Let us know in the comments below!

 



 

 

Webroot’s New Blog Page!

 

Webroot has a new page for our blog, stop by and check it out!

 

_____________________________________________________

 

What Social Media Platforms and Search Engines Know About You

 

As Facebook founder and CEO Mark Zuckerberg testifies before the US Congress this week on protecting user data, here is a primer on what they know about you:

  

Facebook, which has more than two billion users, has access to everything you do on the site: the photos and videos you post, your comments, your 'likes,' anything you share or consult, the identity of your friends and any other users you interact with, your location and other information. 

 

Ditto for Instagram and WhatsApp, which are owned by Facebook, and for Snapchat and Twitter. A user can control some sharing of their Facebook data with privacy settings and the ad preferences page. See here for the full Article!

 

_____________________________________________________

 

Stealing Credit Cards from FUZE via Bluetooth

 

This article covers FUZE Card, a Bluetooth-enabled reprogrammable credit card. The size and shape of a regular credit card, FUZE promises to be "your whole wallet in one card."



After receiving a FUZE Card from @MBHbox (his blog), I decided to take a careful look at it. In the process, I X-rayed the card, fully reverse engineered its Bluetooth protocol, and found a security vulnerability that allows credit card numbers to be stolen via Bluetooth (CVE-2018-9119).



ICE9 reported this vulnerability to BrilliantTS, the maker of FUZE, but they did not respond to repeated follow-ups and did not take action on the basis of our report. As of this writing, CVE-2018-9119 continues to be exploitable on production FUZE Cards in the wild. See here for the Full Article!

 

_____________________________________________________

 

 

TrickBot banking trojan updated with new module

 

It's baaaaaaack.

 

Since inception in late 2016, the TrickBot banking trojan has continually undergone updates and changes in attempts to stay one step ahead of defenders. While TrickBot has not always been the stealthiest trojan, its authors have remained consistent in the use of new distribution vectors and development of new features for their product. On March 15, 2018, Webroot observed a module (tabDll32 / tabDll64) being downloaded by TrickBot that has not been seen in the wild before this time.

 

It appears that the TrickBot authors are still attempting to leverage MS17-010 and other lateral movement methods coupled with this module in an attempt to create a new monetization scheme for the group.

 

We go in depth on our blog into the behavioral analysis of TrickBot and provide insight into what might happen next. See here for the full article!

 

_____________________________________________________

 

RSA Conference 2018

 

Webroot will have a booth setup at the RSA Conference in Moscone Center in San Francisco from April 16-20! If you happen to be visiting the conference, stop by and say Hi! For more information about RSA, visit here!

 

 
Thanks Lara!

 

Cheers,
Thanks. Great info, but one feedback. When you have lines like this: 

"It appears that the TrickBot authors are still attempting to leverage MS17-010 and ...", any chance you could make the name (MS17-010) a link to more info? I have no idea what MS17-010 was. 

 

Thanks
@ wrote:

Thanks. Great info, but one feedback. When you have lines like this: 

"It appears that the TrickBot authors are still attempting to leverage MS17-010 and ...", any chance you could make the name (MS17-010) a link to more info? I have no idea what MS17-010 was. 

 

Thanks

 

Here is some info on MS17-010: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010
Thank you Lara.
Why Thank you Lara! 🙂
Thanks Daniel. I did go and Google it finally (when I got home) , but looked at your post first on my phone, and multipe browser windows is still not a good experience on a phone.  I appreciate the link.

 

Reply