Get trending information on exploits and vulnerabilities every week to help your organisation be better equipped to avoid becoming a victim of cybercrime. Anglo African brings you the weekly cyber-attack news wrap-up and remedy tips to help your business defend against hackers.
A new ransomware strain is wreaking havoc on computers around the globe. Brazilian firm Morphus Labs first discovered the Windows-based ransomware, which has been given the name Mamba. So far, Mamba has been found on computers located in Brazil, India and even the United States. Mamba has been spreading as a result of people being tricked into interacting with phishing emails.
At least 15,769 WordPress websites – and probably more – have been compromised this year, half slipping past Google’s Safe Browsing checks. The sites have been backdoored, providing criminals a means to load various malicious payloads, target visitors, and use the websites for further attacks. Those backdoors are often harder for web integrity scanners to detect.
Malware authors have once again succeeded in bypassing Google’s security vetting processes, and planted four spyware applications in the company’s Play app store. Security vendor Lookout alerted Google to the existence of four apps incorporating the Overseer spyware, which exfiltrates information from users’ Android devices.
A recent investigation by InfoArmor revealed that a new tool has surfaced in the black markets. It allows hackers to attach malware in torrent downloads. The tool is being sold for a fee and is known as “RAUM”. The malware lets the developers access a victim’s banking information and other passwords.
A few things any business can do to improve its security.
In spite of the growing and obvious cyber threat, not all businesses are taking even basic preventative steps. Without proper preparation, these companies risk losing critical data. Below are a few things any business can do to improve its security now.
- Translate Security Answers to another Language
Many times, security questions such as “What is your favorite book?” are much easier to break than passwords because they are susceptible to social engineering. Consider translating your answers to another language by using free online translation tools. Switching this up can serve to deter a hacker who may assume you’re sticking to only one language.
- Start Passwords with a Space
Many modern password cracking tools, like Cain & Abel, do not take spaces into account simply because they aren’t common in passwords. Adding one to your password can throw off complex hacking software. Spaces carry other benefits, too. If you need to write your password down, only you will know a space is also needed at the front or end of it.
- Don’t Depend on Just AES 256 Encryption
With just a few clicks, AES 256 encryption allows anyone using a PC or Mac to encrypt their files and protect them with a password. That said, there are holes, because AES 256 encryption is only as strong as the master password being used for the encryption. For example, if no randomness is used on data encrypted with AES 256, it is susceptible to the TLS CBC IV attack.
- Do not use NTLM if the Underlying Protocol is Insecure
If you are accessing a site via HTTP or FTP — both protocols for exchanging files over the Internet — never enter your credentials in a Windows authentication popup. Unlike HTTP or FTP, HTTPS and SFTP ensure data being sent from the host computer to the receiver isn’t available in plain text. HTTPS and SFTP ensure the entire transmission is encrypted, so no outside eyes can access usernames and passwords.
- Use Drive Encryption Software
Use drive encryption software such as BitLocker on all machines. Even if you format your hard drive, sensitive data can easily be recovered from a machine if it is lost or stolen. Drive encryption software is a simple way to prevent this from happening, because it encrypts every bit of data on a storage volume.
- Create the Right Strong Password
Know that modern computers can break long passwords if they aren’t complex. Creating a strong password is more than just using a longer password or replacing letters with similar-looking numbers. The reason that some passwords take longer to crack is that the “key space” (the number of possible permutations) is larger if a password is longer. For instance, a password like “123456789” can be cracked in 15 minutes on a desktop computer, or instantly on a “super” computer. A password like “r3Dcr0W5” takes six years to crack on a desktop and 31 minutes on a super computer. Something more complex, like “%ZBGbv]8g”, takes three years to crack on a super computer.
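As an added illustration (not part of the original article), the password-audit sketch below computes the brute-force key space for the three sample passwords and also checks whether look-alike substitutions merely hide dictionary words, in which case the key space overstates the real strength. The substitution table and the tiny wordlist are constructed for this example; a real audit would use a full dictionary.

```python
import math
import string

# Character classes a brute-force search must cover (printable ASCII sizes).
CLASSES = [string.digits, string.ascii_lowercase, string.ascii_uppercase,
           string.punctuation, " "]

# Common look-alike substitutions, undone before the wordlist check (constructed).
LEET = str.maketrans("013457@$", "oieastas")

# Constructed mini wordlist; a real audit would load a large dictionary.
WORDS = {"red", "crow", "crows", "password", "dragon"}


def key_space_bits(password):
    """Bits of brute-force key space: length * log2(size of the classes used)."""
    alphabet = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    return len(password) * math.log2(alphabet)


def splits_into_words(text, words=WORDS):
    """True if text is a concatenation of wordlist entries (dynamic programming)."""
    ok = [True] + [False] * len(text)
    for end in range(1, len(text) + 1):
        ok[end] = any(ok[start] and text[start:end] in words
                      for start in range(end))
    return ok[len(text)]


def audit(password):
    """Return (key-space bits, True if substitutions only disguise dictionary words)."""
    normalised = password.lower().translate(LEET)
    return round(key_space_bits(password), 1), splits_into_words(normalised)


def report():
    """Audit the three sample passwords quoted in the article."""
    return {pw: audit(pw) for pw in ("123456789", "r3Dcr0W5", "%ZBGbv]8g")}


if __name__ == "__main__":
    for pw, (bits, wordy) in report().items():
        print(f"{pw!r}: {bits} bits of key space, dictionary-derived: {wordy}")
```

A password flagged as dictionary-derived should be treated as far weaker than its key-space figure suggests, since the figure assumes every character was chosen at random.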
Anglo African solutions for your enterprise to fight against cyber attacks:
SIEM
SIEM performs real-time monitoring and alerting by filtering event logs received from different input types such as firewalls, servers and workstations.
An attempt to download infected files, or the receipt of spam mail, will trigger an alert in the SIEM through our dashboards.
Reveelium
Log Correlation: DNS logs collected from the SIEM collector are analysed and correlated in Reveelium to detect abnormal behaviour within your information system infrastructure, as well as blacklisted IPs and websites. It will also tackle the following:
▪ APT, virus and unknown attack detection
▪ Data loss or data extraction avoidance
Intrusions happen, threats emerge and your security operation needs to be at its peak efficiency. The SOC products Reveelium and SIEM can quickly intercept threats and thus help in avoiding data breaches. For more information about cyber security kindly contact Anglo African on 2331636 or by e-mail at contact@infosystems.mu