This morning, cybersecurity research firm FireEye released a report on how cyber attackers are increasingly targeting organizations with multimillion-dollar disruptive ransomware via “FakeUpdates,” or imposter browser updates. The research furthers the notion that attackers are continuing to evolve their TTPs, especially as fewer victims opt to pay the ransom.
ISBuzz Team
Hagai Katz, head of Government Sector at Check Point, explores how nation states can and should prevent cyberattacks against their critical assets and citizens. In the spring of 2007, Estonia became the first nation state in the world to fall victim to a massive, targeted cyberattack. An enormous distributed denial of service (DDoS) attack paralysed government and other critical websites, as well as systems such as banking infrastructure across what was at the time one of the world’s most connected countries – forcing the country to disconnect itself from the Internet to allow services to recover. Since then, large-scale attacks…
Microsoft and others have launched a new non-profit which aims to reduce the “frequency, impact and scale” of cyber-attacks on citizens and critical infrastructure (CNI). The Hewlett Foundation and Mastercard, alongside other unnamed “leading organizations,” have joined Microsoft as initial funders of the CyberPeace Institute. Its three core functions are to: help and defend civilian victims of cyber-attacks, including by mobilizing a new CyberVolunteer Network; analyze and investigate attacks, to raise understanding and drive global accountability; and promote cybersecurity norms of responsible behavior by nation states.
It has been reported that concerns that planes could be targeted in cyberattacks are prompting U.S. officials to re-energize efforts to identify airliners’ vulnerability to hacking. The revived program, led by the Department of Homeland Security and involving the Pentagon and Transportation Department, aims to identify cybersecurity risks in aviation and improve U.S. cyber resilience in a critical area of public infrastructure, a DHS official said. DHS is offering few details on the program but says it will involve some limited testing of actual aircraft.
An attack campaign targeting primarily the U.S. and Europe is leveraging two legitimate tools, the Node.js framework and WinDivert, to install “fileless” malware that appears to either turn victims’ systems into proxies or perpetrate click fraud. Microsoft, which discovered the campaign in mid-July, said thousands of machines have been targeted in the last several weeks alone, the majority of which belong to consumers. Users are typically infected while browsing online, either by clicking on a malicious HTA file or when served a malvertisement. The JavaScript code in the HTA file downloads a second-stage component, which in turn launches PowerShell commands…
As reported by the Australian Associated Press, hospitals in the Australian state of Victoria were hit with a suspected ransomware attack on Monday afternoon. The government said that while patient data was not accessed, patient record, booking and management systems were forced offline while an investigation into the incident takes place. This comes just months after an audit of Victoria’s public health system found that “all the audited health services are vulnerable to [cyber] attacks that could steal or alter patient data.” https://twitter.com/MarkPadginton/status/1178883407847272448
A hacker has stolen the account data of 218 million players of Zynga’s “Words with Friends”. Zynga warned its users about the breach a couple of weeks back and urged them to reset their passwords, but the incident has also compromised a smaller number of players of two other games. https://twitter.com/mobilesecurity_/status/1178281134834294784
It has been reported that a new vulnerability in Apple’s iOS operating system is sitting on hundreds of millions of iPhones, iPads and iPods, according to the researcher who found it. The hack has been dubbed checkm8 by a researcher who goes by the name axi0mX, who described the hack as “a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.” That means hackers can take the code released by axi0mX on GitHub and potentially load the firmware (the core of the operating system) onto an iPhone. In turn, that means they have stripped Apple’s control away from the device and could do…
October officially welcomes the start of a spooky season. Summer is over, the days are shorter, pumpkin patches are overflowing and Halloween decor is around almost every corner. So, what better time to protect yourself from potential IT scares than National Cyber Security Awareness Month? Having tight cyber security in place is imperative for IT companies. With a huge amount of important data now being logged online, it is vital to keep employees’ and customers’ information safeguarded. Information Security Buzz spoke with a number of technology experts who discuss the importance of staying vigilant with IT security, whilst sharing tips to…
A report by the Oxford Internet Institute has found that organised social media manipulation has more than doubled since 2017, with 70 countries now sharing misinformation online. It also claims that in 45 democracies, politicians and political parties used computational propaganda tools to gather fake followers or spread manipulated media to garner voter support. In 26 authoritarian states, government entities used computational propaganda as a way to control information, suppress public opinion and press freedom, discredit criticism, and drown out political dissent, such as China’s attempt to quash recent protests in Hong Kong.
