What has happened? A new outbreak of ransomware, a form of malware which encrypts your files and demands a ransom payment to recover them, has hit organisations globally. It appears to be a derivative of the previously seen Petya ransomware, but with some differences. Many researchers have cast doubt on whether this really is a variant of Petya or something just designed to look like Petya, hence it has been dubbed NotPetya. The outbreak began in the Ukraine with a compromised update to the MEDoc accounting software used by many Ukrainian companies. Due to its worm capabilities, which allow it…
ISBuzz Team
Second Security Serious Unsung Heroes Awards open for nominations as search gets underway to unearth those at the coalface of cyber security. Eskenzi PR, the driving force behind Security Serious, has today announced the second annual Security Serious Unsung Heroes Awards are now open for nominations. The awards recognise the people, not products, on the front lines of organisations battling cyber threats and often saving the bacon of the companies they work for. Nominations are open until the end of July and The Unsung Heroes Awards will take place on Tuesday, 3rd October 2017, during Security Serious Week – a week during October’s European…
A drone flying too close to Gatwick airport led to the disruption of a number of flights. Raj Samani, Chief Scientist and Fellow at McAfee, commented below. Raj Samani, Chief Scientist and Fellow at McAfee: “This drone was able to cause a huge amount of disruption in a short amount of time. While the authorities are still investigating the incident, the reality is that as drones continue to become more and more mainstream, drone regulation and security must be key priorities. The UK’s drone code was revised in November last year but drone flights are still causing major disruptions and endangering safety…
AA exposed emails, credit card data, but didn’t tell customers. Ilia Kolochenko, CEO at High-Tech Bridge, commented below. Ilia Kolochenko, CEO at High-Tech Bridge: “At the moment, I would abstain from blaming anyone for the incident. Many important technical details are not clear yet, moreover some claims are contradictory. A verified journalistic source says that the database, and apparently AA’s entire web shop, were recently accessed by several unauthorized third-parties. Cybercriminals could easily be among them, meaning that we should be prepared that the entire 100k database is breached and will be for sale on the Dark Web soon. However,…
Impact to date: Initial indications report the infections began spreading across Europe, with first infections in the Ukraine, where over 12,500 machines were affected by the malware. Infections have spread across 64 countries so far, including Belgium, Brazil, Germany, Russia and the United States. The latest victims in the U.S.: Pittsburgh, where Valley Health Systems’ two hospitals were slammed, causing surgeries to be canceled; The Law Firm of DLA Piper; Merck Pharmaceutical; Maersk Cargo – causing cargo delays. Source and nature of this malware: The current ransomware malware, called Petya/NotPetya, uses the same core components of the NSA released…
A new report, issued by FICO, revealed that European card fraud losses hit a record €1.8bn in 2016, and the UK had the highest card fraud losses in the region, hitting a new peak at £618m. The previous peak in the UK was set in 2008, before the introduction of chip and PIN. Ryan Wilk, Director at NuData Security, commented below. Ryan Wilk, Director at NuData Security: “This rise in recorded fraud figures is astounding, and bad news for consumers who often bear the brunt of many direct costs (especially in account takeover and new account fraud). The increasing volume of attacks globally has also…
Microsoft is warning sysadmins to check their Azure Active Directory Connect configurations and implement a patch against a credential-handling vulnerability. The bug’s in an Active Directory (AD) feature called password writeback. Azure AD can be configured to copy user passwords back to a local AD environment. Leigh-Anne Galloway, Cyber Security Resilience Lead at Positive Technologies, commented below. Leigh-Anne Galloway, Cyber Security Resilience Lead at Positive Technologies: “Azure AD Connect allows a customer to use “all-in-one” domain account to access on-premise applications in the internal infrastructure as well as many cloud services (Office365, Microsoft Azure etc.). So, if an attacker gains…
We’re only halfway through 2017, but the world has already seen at least 2 global ransomware attacks. According to a report by Kaspersky, ransomware attacks have increased by 11.4% in the past 12 months, to almost 2.6 million worldwide. The complete extent of each attack is not yet known, but cybercriminals have succeeded in locking out organizations as well as individuals from their systems and data. In the case of the more recent Petya ransomware attack, people are unable to retrieve their data even after making ransom payouts. Disabling access to sensitive data on computers and mobile devices not only causes…
On May 25, 2018, the UK is set to implement its General Data Protection Regulation (GDPR), and it could prove to be a seismic change for global businesses; those that don’t prepare for the changes could face costly fines. Chris Olson, CEO at The Media Trust, commented below. Chris Olson, CEO at The Media Trust: “GDPR will prove to be a watershed moment for digital businesses. When enterprises realize they have no control or insight into the code executing in their websites, security teams will be forced to clamp down on the third-party vendors currently used to render consumer-facing content. As…
Kaspersky Lab analysis shows that at least half of the ExPetr encryption malware targets were various industrial organizations. The list includes electricity, oil and gas, transportation, logistics and other companies. ExPetr is a type of encryption malware. Upon infecting a victim’s computer, it encrypts the hard drive and makes the computer inoperable, showing a message to the victim demanding a ransom. As Kaspersky Lab researchers have recently discovered, ExPetr is built in a way that means it is completely impossible to decrypt files, even if the ransom is paid. For industrial facilities and critical infrastructure, the consequences of a successful…
