It has been reported that off-the-shelf malware kits and mass phishing campaigns are enabling a small group of Nigerian cybercriminals to conduct hacking campaigns against targets around the world – and the threat they pose to organisations is increasing. The group, dubbed SilverTerrier, isn’t a sophisticated operation, but has access to a number of malware families – including information stealers and remote-access trojans – which are distributed with the aim of infecting victims and stealing data. Eyal Benishti, CEO & Founder at IRONSCALES commented below. Eyal Benishti, CEO & Founder at IRONSCALES: “Phishing is not new - but this just goes to…
ISBuzz Team
With the one-year anniversary of WannaCry (May 12th) approaching, two cybersecurity experts with Juniper Networks commented below on what’s changed and what hasn’t, and advice on what works to minimize the impacts of ransomware attacks. Mounir Hahad, Head of Juniper Threat Labs at Juniper Networks: “Immediately after the WannaCry epidemic last year, most security researchers advised people to disable SMBv1 entirely and make sure SMBv2 was not exposed to the internet. One year later and we are still seeing about 2.3M devices with SMBv1 exposed to the internet, with the majority of these vulnerable machines in the UAE, US, Russia, Taiwan and Japan. “As we continue to…
Having caused IT teams – and indeed businesses – turmoil throughout the past number of months, the dreaded General Data Protection Regulation (GDPR) enforcement deadline is now just a matter of weeks away from implementation. 25th May marks the day that European industries will see if their exhaustive preparations will finally come to fruition, and find out, once and for all, whether they are GDPR compliant. As most in the IT industry are well aware of by now, failure to comply with the impending regulations could land their companies with significant fines of up to 20 million euros, or 4% of…
Kaspersky Lab ICS CERT has analyzed the OPC UA (Object Linking and Embedding for Process Control Unified Automation) protocol, which is designed for secure data transfer between servers and clients in industrial systems, including critical infrastructure. The analysis discovered 17 zero-day vulnerabilities in the protocol’s implementation, leading to denial-of-service attacks as well as remote code execution. In addition, several flaws were found in commercial products built on the protocol. All vulnerabilities were reported to the developers and were fixed by the end of March 2018. OPC UA is an industrial protocol, which was developed and released by the OPC…
Hackers targeting a critical vulnerability in the Drupal Content Management System have been able to infect more than 400 websites with cryptomining malware. Chris Olson, CEO at The Media Trust commented below. Chris Olson, CEO at The Media Trust: “While malware actors have targeted Drupal’s CMS vulnerabilities, there are many ways they have used cryptomining software to hijack users’ CPUs. IT teams should be aware of many other ways that cryptomining malware can be used. Other methods include botnets, which have awarded malware authors with millions of dollars; infected digital ads; website plugins, which have also affected more than 4,000…
It has been reported that with the cybersecurity talent shortage projected to hit 1.8 million unfilled roles by 2020, the industry must start attracting younger workers to fill jobs and protect businesses. However, the field faces a problem: Only 9% of millennials said they are interested in pursuing a cybersecurity career at some point in their lives, according to a Tuesday report from ProtectWise and Enterprise Strategy Group. The lack of interest in cybersecurity does not stem from a lack of interest in tech, the report found: Of the 524 millennials and post-millennials surveyed, 48% had been part of a STEM program…
A new study from the Berkeley School of Information* reports that the 2016 DDoS attack on the Krebs on Security site, which knocked it offline for four days, may have cost the owners of the IoT devices that were subverted into a botnet and used in the attack a total of $323,973.75 in excess power and added bandwidth consumption; broken down amongst 24,000 attacking drones, the per-device cost comes to just $13.50. Bob Noel, Director of Strategic Relationships and Marketing at Plixer commented below. Bob Noel, Director of Strategic Relationships and Marketing at…
In response to President Trump’s remarks on the Iran nuclear agreement this evening, Priscilla Moriuchi, Director of Strategic Threat Development commented below. Priscilla Moriuchi, Director of Strategic Threat Development at Recorded Future: “President Trump’s actions have placed American businesses at increased risk for retaliatory and destructive cyber attacks by the Islamic Republic. We assess that within months, if not sooner, American companies in the financial, critical infrastructure, oil, and energy sectors will likely face aggressive and destructive cyber attacks by Iranian state-sponsored actors. Further, our research indicates that because of the need for a quick response, the Islamic Republic may…
Overshadowed by other regulations, the NIS Directive will come into effect tomorrow, 10th May, to ensure that information systems used by operators of essential services and relevant digital service providers are secured against cyber-attacks. The relevant sectors include energy (electricity, oil and gas), transport (air, rail, water and road), healthcare and digital infrastructure. IT security experts commented below. Charlie Wedin, Cyber Security Expert at Osborne Clarke: “The NIS Directive will be critical to ensure essential services in the UK remain ‘on’ during even the most extreme cyber-attacks. In recent years, the number of cyber-attacks against national infrastructure has risen dramatically, and this demonstrates just how attractive these systems have become…
Greg Wiseman, Senior Security Researcher at Rapid7: “Microsoft has released patches that resolve over 60 separate vulnerabilities including an update for Flash Player that addresses a critical Remote Code Execution (RCE) vulnerability. As usual, the majority of fixes are browser-related, but Microsoft Office is also seeing its fair share this month. Not Microsoft-specific, CVE-2018-8897 is the result of nearly all operating system vendors incorrectly handling debug exceptions coming from Intel architecture chips. Nobody wants to see another cross-platform, chip-related security issue, but CVE-2018-8897 is a nice example of coordinated disclosure. Advisories came out today from Microsoft, Apple, VMware, FreeBSD and various…
