This Week in CyberSec Headlines, March 17, 2017

Malware Found Pre-Installed on Android Phones

CSCC Article: Malware Found Pre-Installed on Android Phones Indicates Supply Chain Security Breakdown

US Govt Indicts Russian FSB Officers Over Yahoo Hack

Yahoo, Russian Hackers and Government Officers Indicted in Connection With Yahoo Security Incidents, An Important Message About Yahoo User SecuritySecurityWeek, U.S. Government Indicts Two Russian FSB Officers Over Yahoo HackNew York Times, Russian Agents Were Behind Yahoo Hack, U.S. SaysThe Guardian, US charges two Russian spies and two hackers in Yahoo data breachWashington Post, Justice Department charges Russian spies and criminal hackers in Yahoo intrusionRadioFreeEurope, U.S. Indicts Two Russian FSB Officers In Yahoo Hack; One Charged By Moscow With TreasonThe Register, Russian! spies! ‘brains! behind! Yahoo! mega-hack!’ – four! Charged!CNN, DOJ: 2 Russian spies indicted in Yahoo hack

WhatsApp, Telegram Encrypted Messaging Apps Vulnerable

HelpNetSecurity, Vulnerability in WhatsApp and Telegram allowed complete account takeoverCheck Point, Check Point Discloses Vulnerability that Allowed Hackers to Take over Hundreds of Millions of WhatsApp & Telegram AccountsThreatpost, WHATSAPP, TELEGRAM VULNERABILITIES EXPOSED USERS TO ACCOUNT TAKEOVER

Petya Ransomware Hides as PetrWrap Trojan

HelpNet Security, Organizations hit with Petya ransomware with a twist, Petya ransomware encrypts files, locks users our of computersSecureList, PetrWrap: the new Petya-based ransomware used in targeted attacks

US Air Force Data Exposed Online

HelpNet Security, Sensitive US Air Force data found exposed onlineBitDefender, Poorly-configured online backup leaks US Air Force documentsMacKeeper, MacKeeper Security Researchers Discover Sensitive United States Air Force DataIT Security Guru, US Air Force leak exposes ‘holy grail’ of top secret data including details of over 4,000 officersInternational Business Times, Booz Allen subcontracted firm leaked classified US military personnel data – Report

Vulnerabilities found in Double Telepresence Robots used in business, education, and telemedicine

SecurityWeek, Vulnerabilities Found in Double Telepresence RobotsHelpNet Security, Double Robotics Telepresence Robot can be hacked

POS Malware

DarkReading, New MagikPOS Malware Targets Point-of-Sale Systems In US & CanadaKrebs On Security, Google Points to Another POS Vendor BreachInfoSecurity Magazine, PoS Breach Hits High-End Eateries Across the US

W-2 Tax Scam Affects Cybersecurity Contractors

Krebs On Security, Govt. Cybersecurity Contractor Hit in W-2 Phishing Scam

Home Depot to Pay Banks $25 Million for 2014 Breach

SecurityWeek, Home Depot to Pay Banks $25 Million for 2014 Breach

Zero-Day Vulnerabilites Affect SAP HANA

HelpNet Security, Several high risk 0-day vulnerabilities affecting SAP HANA found