1. KillDisk - the world's biggest Ransomware?: KillDisk malware was originally used in the Ukraine
energy attacks of 2015. Now researchers have found a Linux variant of it, which
makes the Linux machine unbootable. It also demands an unusually high ransom of
222 BTC (approx. $200K). Prevention is the best solution to Ransomware. Regular
backups and good web security solutions are recommended.
2. Koolova Ransomware:
Users infected with this Ransomware can obtain the decryption key for free if
they read two articles about Ransomware. This certainly is not the best way to
build awareness about Ransomware. 'Popcorn Time', another interesting
Ransomware in the news last month, required the victim to infect two others
to obtain the decryption key for free.
3. Ransomware in Schools:
In the UK, cybercriminals pretending to be Govt. officials have been cold-calling
schools to obtain the email IDs of key staff, in order to email them supposedly
important docs. These docs actually contain malware which encrypts the school's
machines. The hackers then demand a ransom of £8000. Similar scams are run by
sending malware-infected fake POs to sales organizations and fake resumes to HR depts.
4. MongoDB under attack:
MongoDB had a vulnerability in which the database could be accessed without
any authentication. A patch was later made available, but some admins did
not apply it. Hackers are now copying such databases and then deleting them; they
are willing to return the data for a ransom of 0.2 BTC ($150). Thousands have
been affected; upgrading MongoDB is strongly recommended.
5. Tech support scam hits Mac: Users not on the latest Mac OS are prone to this malware
infection, which opens several draft email windows with the subject line
"Virus detected call support on +1-800-xyz". This goes on till the laptop
runs into memory issues and crashes. The trick is to get the victims to call,
and scare them in order to sell them support which they really do not need.
6. D-Link Sued: After the recent massive DDoS attacks, the US watchdog FTC has
sued D-Link for its poor security.
This move by the FTC will go a long way in improving the security of IoT devices, which
the manufacturers have not taken very seriously - most likely to keep their
costs low. Usage of default passwords allows hackers to break in easily; it is
strongly recommended to avoid using default passwords.
7. FTC announces $25K reward: Keeping in mind the role IoT played in the recent
massive DDoS attacks, the FTC has announced a reward of $25K to anyone who can
create a solution that will patch all vulnerable IoT devices. A serious challenge
in IoT is that many of these devices do not have the ability to be patched remotely.
In Issue 88, we saw a Chinese company admitting its products were misused to
launch the Dyn attack; later the company recalled some of the devices.
8. Netgear announces Bug Bounty program: Last week, Netgear launched its Bug Bounty program, in
which it will reward hackers up to $15K for responsible reporting of flaws
found in its products. Several companies offer such programs, the biggest one
being that of Zerodium, which offers $1.5M
for iOS 10 zero-day exploits.
9. Critical RCE bugs patched: Websites using PHPMailer, SwiftMailer or ZendMail were
vulnerable to an RCE (Remote Code Execution) bug. Using contact/registration
forms, hackers could run arbitrary code, thereby compromising the site. All the
vulnerabilities have now been patched. Admins can consider updating.