December 2018

McAfee researchers analyze cybercriminal markets, reveal tactics, targets
https://www.helpnetsecurity.com/2018/12/19/analyze-cybercriminal-markets/
Excerpt:
“McAfee released its McAfee Labs Threats Report: December 2018, examining activity in the cybercriminal underground and the evolution of cyber threats in Q3 2018. McAfee Labs saw an average of 480 new threats per minute and a sharp increase in malware targeting IoT devices.”
The benefits and limitations of AI in cybersecurity
Zeljka Zorz
https://www.helpnetsecurity.com/2018/12/20/ai-cybersecurity-benefits-limitations/
Excerpt:
“Today’s AI cannot replace humans in cybersecurity but shows promise for driving efficiency and addressing talent shortage, a new report by ProtectWise has shown.”
Cybercriminals Use Malicious Memes that Communicate with Malware
Aliakbar Zahravi
https://blog.trendmicro.com/trendlabs-security-intelligence/cybercriminals-use-malicious-memes-that-communicate-with-malware/
Excerpt:
“Steganography, or the method used to conceal a malicious payload inside an image to evade security solutions, has long been used by cybercriminals to spread malware and perform other malicious operations. We recently discovered malicious actors using this technique on memes. The malware authors have posted two tweets featuring malicious memes on October 25 and 26 via a Twitter account created in 2017.”
Does your personality put you at risk for cybercrime?
https://www.helpnetsecurity.com/2018/12/19/personality-cybercrime/
Excerpt:
 
“Impulse online shopping, downloading music and compulsive email use are all signs of a certain personality trait that make you a target for malware attacks. New research from Michigan State University examines the behaviors – both obvious and subtle – that lead someone to fall victim to cybercrime involving Trojans, viruses, and malware.”
Hackers have become increasingly deft at stealing student data
https://www.helpnetsecurity.com/2018/12/18/stealing-student-data/
Excerpt:
“Data collection is a vital resource for educational institutions across the world, including student records, which contain highly sensitive material such as a student’s name, address and social security number, and often test scores, behavioral assessments, personal health data and more.”
Cybercrime gangs continue to innovate to hide their crimes
https://www.helpnetsecurity.com/2018/12/17/phishing-activity-trends-report-q3-2018/
Excerpt:
“According to the APWG’s new Phishing Activity Trends Report, after spiking in the spring, phishing has been taking place at a steady pace — but phishers are using new techniques to carry out their attacks – and obfuscate their origins – to make the most of every phishing campaign.”
Digital skills are critical for tackling the rising tide of cybercrime
Sheila Flavell
https://www.helpnetsecurity.com/2018/12/17/digital-skills-tackling-cybercrime/
Excerpt:
“The rising tide of cybercrime shows no sign of slowing. Whether it’s hacking, identity fraud or malware attacks, online criminals have proven themselves to be both relentless and ruthless. Targets have included public sector institutions, charities, even the UK’s National Health Service (NHS) was not spared.”
How one hacked laptop led to an entire network being compromised
Danny Palmer
https://www.zdnet.com/article/how-one-hacked-laptop-led-to-an-entire-network-being-compromised/
Excerpt:
“A corporate laptop being used in a coffee shop at a weekend was enough to allow a sophisticated cybercrime group to compromise an organisation's entire infrastructure.”
Hackers fooled Save the Children into sending $1 million to a phony account
Todd Wallack
https://www.bostonglobe.com/business/2018/12/12/hackers-fooled-save-children-into-sending-million-phony-account/KPnRi8xIbPGuhGZaFmlhRP/story.html
Excerpt:
“Save the Children Federation, one of the country’s best-known charities, said it was the victim of a $1 million cyberscam last year.”
Cyber-Criminal Gets 20 Months After Using Home-Made Fraud Device
Phil Muncaster
https://www.infosecurity-magazine.com/news/20-months-after-using-homemade/
Excerpt:
“A convicted cyber-criminal once dubbed “the acid house king” has been sentenced to 20 months behind bars for a new fraud campaign which saw him use a bizarre home-made device.”
ID Numbers for 120 Million Brazilians taxpayers exposed online
Pierluigi Paganini
https://securityaffairs.co/wordpress/78874/data-breach/brazilian-taxpayers-data-leak.html
Excerpt:
“In March 2018, security experts at InfoArmor discovered a misconfigured server online that contained taxpayer identification numbers, or Cadastro de Pessoas Físicas (CPFs), for 120 million Brazilian nationals. It is not clear how long data remained exposed online or who accessed them.”
Social engineering at the heart of critical infrastructure attack
Warwick Ashford
https://www.computerweekly.com/news/252454369/Social-engineering-at-the-heart-of-critical-infrastructure-attack
Excerpt:
“The UK is one of 24 countries targeted by a global malware campaign aimed at government, military, energy and financial sector organisations, uncovered by security firm McAfee.”
Attackers increasingly exploiting vulnerabilities to enlarge their IoT botnets
Zeljka Zorz
https://www.helpnetsecurity.com/2018/12/14/iot-botnets-vulnerabilities/
Excerpt:
“Attackers looking to add IoT devices to their botnets are increasingly adding vulnerability exploitation to their attack arsenal, Netscout researchers warn.”
Criminals, Not State Actors, Target Russian Oil Company in 3-Year Cyber Attack
Elizabeth Montalbano
https://securityledger.com/2018/12/criminals-not-state-actors-target-russian-oil-company-in-3-year-cyber-attack/
Excerpt:
“Security researchers have uncovered a three-year cyber attack on a Russian oil company that appeared at first glance to be state-sponsored, but later was found to be the work of cyber criminals seeking financial gain. The discovery is a cautionary tale for security experts not to be too rash when  when drawing conclusions about high-profile cyber attacks.”
IT firms, telcos among dozens hacked in new info-stealing malware attack
Danny Palmer
https://www.zdnet.com/article/it-firms-telcos-among-dozens-hacked-in-new-info-stealing-malware-attack/#ftag=RSSbaffb68
Excerpt:
“A cyber espionage group is deploying a new type of trojan malware against telecommunications, information technology, and government organisations. Dubbed Seedworm, the group has been operating since at least 2017, and although it predominantly looks to infiltrate organisations in the Middle East, organisations based in Europe and North America have also been targets.”
Securing and managing the enterprise Internet of Things
Zeljka Zorz
https://www.helpnetsecurity.com/2018/12/12/secure-enterprise-iot/
Excerpt:
“A future where the Internet of Things spreads exponentially is almost certain. Seemingly everybody wants these devices: consumers for the helpful features and manufacturers for the ability to collect data about the product and consumers’ use of it.”
These hackers are using Android surveillance malware to target opponents of the Syrian government
Danny Palmer 
https://www.zdnet.com/article/these-hackers-are-using-android-surveillance-malware-to-target-opponents-of-the-syrian-government/
Excerpt:
“Hackers working on behalf of the Syrian government are targeting political opponents with surveillance malware being distributed in trojanised versions of messaging applications including WhatsApp and Telegram.”
Chinese Police Arrest Dev Behind UNNAMED1989 WeChat Ransomware
Lawrence Abrams
https://www.bleepingcomputer.com/news/security/chinese-police-arrest-dev-behind-unnamed1989-wechat-ransomware/
Excerpt:
“Chinese law enforcement have arrested the developer of the UNNAMED1989 / WeChat Ransomware that recently took China by storm and infected over 100K users in a few days.”
A botnet of over 20,000 WordPress sites is attacking other WordPress sites
Catalin Cimpanu
https://www.zdnet.com/article/a-botnet-of-over-20000-wordpress-sites-is-attacking-other-wordpress-sites/
Excerpt:
“Crooks controlling a network of over 20,000 already-infected WordPress installations are using these sites to launch attacks on other WordPress sites, ZDNet has learned from WordPress security firm Defiant.”
Ransomware Infects 100K PCs in China, Demands WeChat Payment
Ionut Ilascu
https://www.bleepingcomputer.com/news/security/ransomware-infects-100k-pcs-in-china-demands-wechat-payment/
Excerpt:
“Over 100,000 thousand computers in China have been infected in just a few days with poorly-written ransomware that encrypts local files and steals credentials for multiple Chinese online services.”
Consumers believe social media sites pose greatest risk to data
https://www.helpnetsecurity.com/2018/12/06/social-media-sites-data-risk/
Excerpt:
“A majority of consumers are willing to walk away from businesses entirely if they suffer a data breach, with retailers most at risk, according to Gemalto.”
Security Incident Potentially Exposed 100 Million Quora Users’ Personal Data
David Bisson
https://www.tripwire.com/state-of-security/security-data-protection/security-incident-potentially-exposed-100-million-quora-users-personal-data/
Excerpt:
“A security incident at Quora potentially compromised the personal information and other details of approximately 100 million users.”
Rhode Island Health Provider Hit by Ransomware Attack
Sergiu Gatlan
https://news.softpedia.com/news/rhode-island-health-provider-hit-by-ransomware-attack-524076.shtml
Excerpt:
“Rhode Island's Thundermist Health Center was hit by a ransomware attack on Thursday which disrupted some of its computing systems leading to canceled appointments.”
U.S. Military Members Catfished and Hooked for Thousands of Dollars
Tara Seals
https://threatpost.com/u-s-military-members-catfished-and-hooked-for-thousands-of-dollars/139569/
Excerpt:
“Prisoners in South Carolina posed convincingly as beautiful women on social media platforms. A sextortion ring that aimed “catfish” efforts at U.S. military service members has been uncovered. The scam bilked 442 service members from the Army, Navy, Air Force and Marine Corps out of more than $560,000.”
80% of enterprises struggle to protect machine identities
https://www.helpnetsecurity.com/2018/12/05/enterprises-protect-machine-identities/
Excerpt:
“A study conducted by Forrester Consulting examined the views of 116 IT security professionals from financial services and insurance organizations in the U.S., U.K., Germany, France and Australia.”
Microservices becoming architectural style of choice for application development
https://www.helpnetsecurity.com/2018/12/05/microservices-application-development/
Excerpt:
“Microservices – a software development technique where an application is created by combining numerous smaller services – have evolved from fad to trend, becoming an architectural style of choice for new application development and the migration target for many existing systems, according to O’Reilly.”
Major flaws uncovered in leading IoT protocols
https://www.helpnetsecurity.com/2018/12/05/flaws-iot-protocols/
Excerpt:
“Trend Micro warned organizations to revisit their operational technology (OT) security after finding major design flaws and vulnerable implementations related to two popular machine-to-machine (M2M) protocols, Message Queuing Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP).”
Moscow's New Cable Car System Infected with Ransomware the Day After it Opens
Lawrence Abrams
https://www.bleepingcomputer.com/news/security/moscows-new-cable-car-system-infected-with-ransomware-the-day-after-it-opens/
Excerpt:
“Moscow recently opened its first cable-car service and promised free rides for the first month. Unfortunately, only days after after the service was made available, attackers reportedly hacked into the cable car systems and infected them with ransomware.”
Experts found data belonging to 82 Million US Users exposed on unprotected Elasticsearch Instances 
Pierluigi Paganini
https://securityaffairs.co/wordpress/78643/data-breach/elasticsearch-instances-data-leak.html
Excerpt:
“Security experts at HackenProof are warning Open Elasticsearch instances expose over 82 million users in the United States.”
Why hospitals are the next frontier of cybersecurity
Ofer Schreiber
https://www.helpnetsecurity.com/2018/12/04/hospitals-cybersecurity/
Excerpt
“Hospital cybersecurity is a pressing problem with unique challenges and incalculable stakes. The healthcare industry’s accelerating adoption of sophisticated networks, connected devices and digital records has revolutionized clinical operations and patient care but has also left modern hospitals acutely vulnerable to cyber attack. Recent high-profile hacks have brought these mounting threats sharply into focus. However, despite increasing efforts and awareness, a number of technological, cultural and regulatory issues complicate healthcare cybersecurity.”
Read full article