Nearly two-thirds (65%) of small businesses in the US fail to act following a cyber security incident, according to the 2018 Hiscox small business cyber risk report. The report also reveals that 47% of more than 1,000 small businesses polled had suffered at least one cyber attack in the past year, and that 44% that reported a cyber attack in the past year experienced two, three or four attacks. According to the report, seven in 10 businesses globally are unprepared for a cyber attack, but small businesses are disproportionately vulnerable because they are less likely to have strategies in place to ward off attacks, detect them early if they do occur, and reduce the damage.
New versions of the SamSam ransomware will not execute unless the person running the malware’s payload enters a special password via the command-line. This is a new protection mechanism added by the SamSam crew in a recent SamSam version discovered by Malwarebytes researchers. Previous versions did not feature this mechanism, meaning anyone who found a SamSam binary could have infected his computer by double-clicking and running the file.
A new malware campaign is roping systems into a botnet and providing the attackers with complete control over infected victims, plus the ability to deliver additional payloads, putting the victims’ devices at risk of Trojans, keyloggers, DDoS attacks and other malicious schemes. The malware comes equipped with three different layers of evasion techniques which have been described by the researchers at Deep Instinct who uncovered the malware as complex, rare and “never seen in the wild before”.
Aviation professionals enthusiasts have been told to change their passwords after flight-tracking site flightradar24/ warned of a data breach. The site offers real-time visualizations of commercial flights in transit with a freemium model. Subscribers get access to more historical data or to a package of services aimed at aviation professionals. However some subscribers have been sent emails that warn of a data breach.