Cybersecurity rants & raves selected by XM Cyber analyst team.
Our purple hat team rate the news by interest and newsworthiness.
New ransomware unable to restore files it encrypted
Doctor Web security experts and cybercriminals, warn the malicious program attacks Windows OS users for profit. The ransomware featuring a malicious payload is distributed via Social media & network shares by geolocation. Mysteriously ransomware avoids Russia, Belarus, Kazakhstan! Hmmmm…
Trojan detected under DPH name.
eHackingnews
Mega attack on the land of Berylia?
Nope not real. NATO & partners create scenario for huge cyber-attack on fake country to test critical infrastructure defense vs. attacks. Phew!
The Register
Atlanta Spends $2.6M to recover from $52K Ransomware Scare
Recovery for SamSam ransomware attack cost city of Atlanta more than initial demand.
Biggest winners: Edelman PR firm cashes in on $50k whilst Ernst & Young earn $600k on incident response consulting. Holy cow!
Wired
Users clueless about router devices security, survey finds
Only 14% update firmware, despite vulnerabilities exploited by attackers, such as old login credentials. Only 31% changed WiFi network password.
Poor response attributed to unclear guidelines & education. One possible solution; router producers need to create one-click updates.
Bleeping Computer
Bank customers find they can access other accounts
Dream come true? IT nightmare?
Nearly 2M UK bank customers experiencing difficulties with account online, with some able to access other users’ funds after an IT upgrade went wrong. Apparently customers were’nt notified of the error. Not cool!
Infosecurity
Ransomware runs amok in 2017, crowned as most malicious sw.
Recently released Verizon report: Social engineering attacks with pretexting nearly tripled annually. Phishing simulations show that curiosity gets the better of 4% of people. Hacking, such as using stolen credentials was the leading method for facilitating a breach (48%). Malware in general was instrumental in 30% of breaches, while errors and social engineering attacks (17% each) came next. Some incursions involve overlaps of attack paths.