Crooks are using out-of-date CMSs, mainly WordPress and Joomla sites, to hijack Web traffic and redirect users to rogue websites hosting the Neutrino exploit kit that’s infecting victims with the CryptXXX ransomware. According to Web security firm Sucuri, this latest campaign, dubbed Realstatistics, has been raging on for the past two weeks, with at least 100 new infected websites detected every day, based on the company’s telemetry data.
Researchers at security firm ESET have come across a malicious toolkit used by threat actors in cyber espionage operations targeting government organizations in Central and Eastern Europe. The toolkit, dubbed by ESET “SBDH” based on a string found in its downloader, is designed to exfiltrate specific files from the systems of targeted organizations. Several instances of the malware have been observed by the security firm over the past year in attacks aimed at government and public institutions.
A disturbing new malware called “Hummingbird” was discovered in February of this year, but it wasn’t until recently that the threat was fully understood. Infecting nearly 10 million Android devices all over the world, the malware is reportedly raking in at least $300,000 a month for its makers. The group responsible for the malware also reportedly controls more than 85 million devices through a variety of fake apps and other security threats.
Security firm Bitdefender has issued an alert about a malicious app that hands over control of Macs to criminals via Tor. The software, called EasyDoc Converter.app, is supposed to be a file converter but doesn’t perform its advertised function. Instead it drops complex malware that subverts the security of the system, allowing it to be used as part of a botnet or to spy on the owner.
Massive collections of passwords from various online services are being posted online (the dark web, mostly) at an alarming rate. Due to a possibly related string of megabreaches, over 640 million passwords have been compromised. Katy Perry and other celebrities have seen their social media accounts hacked. Indeed, a surprising percentage of people re-use passwords across multiple sites, so a stolen LinkedIn password may very well get you into a victim’s Twitter, Facebook, Snapchat and Google accounts.
Here are a few tips to protect your password so it can protect you.
- Check your email address against a breach database.
There is no guarantee that you’re in the clear, but sites like LeakedSource or Troy Hunt’s haveibeenpwned.com can tell you if your email is among the millions recently compromised. If it is, go change all your passwords.
- Always create strong passwords.
In general, hackers are smarter, faster and more devious than the rest of us. That’s why U.S. businesses spend billions of dollars each year trying to keep up with them.
- What businesses can do.
Enforcing the use of strong passwords should be central to every organization’s cyber security program, because access to so many services, vendors, applications, devices, databases and industrial systems is now controlled and secured via passwords.
- Privileged account management solutions
Automate, monitor, and enforce password policy adherence. Other important features include account risk assessments, comprehensive protection of privileged credentials, endpoint device and application control, and automated access monitoring and recording for audit and investigative purposes.
Do not ignore breach notifications and take immediate action as instructed. Be aware of phishing scams and be skeptical of any request for personal or financial information you receive through an email, phone call or web page.
Strong passwords, security awareness, and good cyber habits are among the best defenses against cybercrime.
If hackers are able to procure even one set of semi-valuable credentials, they can worm their way throughout an entire business network, setting up malware, ransomware and APTs, to be executed at their convenience. They can even use stolen credentials from your company to access your partners’, customers’ or vendors’ networks.
The SOC products Reveelium and SIEM will prevent any intrusion in terms of malware and malicious apps on our monitored devices (Android devices, PCs, laptops). Contact Anglo African on 2331636 or contact@infosystems.mu for your security needs.