A lack of valued cyber-security skills has left businesses open to attacks resulting in reputation damage and data loss .Cyber-security skills shortage leaves companies vulnerable. Being aware of latest cyber-attacks and common attacks will help your organisation to be better equipped to avoid being victim of cybercrimes. Anglo African brings you the weekly cyber-attack news wrap-up and remedy tips to support your business to defend against hackers.
One of the most active Trojans this year has changed tactics and now installing backdoors on target machines instead of ransomware. Nemucod was used in several large campaigns in 2016, having reached a 24% share on global malware detections in March this year, Nemucod payloads were primarily ransomware families, most frequently Locky or the now-discontinued TeslaCrypt. But now it has changed to serve up a backdoor, the Kovtar.
If docking a phone at unfamiliar charging stations wasn’t iffy enough, a “video-jacking” attack by Aries Security researchers highlights yet another attack vector to consider. Similar to “juice jacking,” the attack can be carried out using roughly US $220 (£170) worth of equipment hidden inside what appears to be the charging station to essentially see everything a user sees, taps and does with their device including seeing a user’s password entered when they unlock their screen.
The local council of the Australian city of Brisbane has been fleeced of A$450,000 (£248,000, US$334,000) from email-whaling scammers who tricked staff into wiring money into their bank accounts. The scammers phoned and emailed the council posing as one of its suppliers. Lord mayor Graham Quirk has commissioned Deloitte to conduct a review into how the scam took place. Quirk told reporters the scammers gained the cash in nine payments made since 13 July.
Valley Anesthesiology and Pain Consultants, a large practice with more than 300 providers serving multiple hospitals across the greater Phoenix region, has suffered a cyber-attack affecting 882,590 patients. The incident affects all current and former employees and providers, the number of which was not disclosed. Forensics has found no evidence that data was actually accessed, but it cannot rule out the possibility that data was taken.
The security bug discovered in the Linux kernel’s implementation of the TCP protocol also affects a large portion of the Android ecosystem, mobile security vendor Lookout has discovered. According to researchers, CVE-2016-5696, the Linux TCP bug, affects around 80% t of all Android devices in use today, which is around 1.4 billion devices. The reason for this is because the Android OS is built on a modified version of the Linux kernel.
Anglo African brings to you Cyber Security Tips
- Set up your computer for automatic software and operating system updates. An unpatched machine is more likely to have software vulnerabilities that can be exploited.
- Choose strong passwords – Choose strong passwords with letters, numbers, and special characters. Create a different password for each important account, and change passwords regularly.
- Backup – Backing up your machine regularly can protect you from the unexpected. Keep a few months’ worth of backups and make sure the files can be retrieved if needed.
- Control access to your machine – Don’t leave your computer in an unsecured area, or unattended and logged on, especially in public places.
- Use email and the internet safely – Ignore unsolicited emails, and be wary of attachments, links and forms in emails that come from people you don’t know, or which seem “phishy.”
- Use secure connections – When connected to the internet, your data can be vulnerable while in transit. Use remote connectivity and secure file transfer options when off campus.
- Protect sensitive data – Reduce the risk of identity theft. Securely remove sensitive data files from your hard drive, which is also recommended when recycling or repurposing your computer.
- Use desktop firewalls – Macintosh and Windows computers have basic desktop firewalls as part of their operating systems. When set up properly, these firewalls protect your computer files from being scanned.
Most importantly, stay informed with latest cyber-attacks and security tips to better equipped your team mebers.
Intrusions happen, threats emerge and your security operation needs to be at its peak efficiency. The SOC products Reveelium and SIEM can quickly intercept threats and thus help in avoiding data breaches. For more information about cyber security kindly contact Anglo African on 2331636 or by e-mail at contact@infosystems.mu