Today, cybercrime is more prevalent than ever before as it provides easy pickings for the modern digitally-smart criminal. Cyber-attacks are more advanced and audacious, as well as more varied in focus, from stealing intellectual property, to writing malicious code, or to lodging political protests. Being aware of latest cyber-attacks and common attacks will help your organisation to be better equipped to avoid being victim of cybercrimes. Anglo African brings you the weekly cyber-attack news wrap-up and remedy tips to support your business to defend against hackers
Security researchers have discovered a sophisticated strain of malware which has shifted across platforms in order to target Mac OS X users. Kaspersky Lab security experts revealed the existence of Backdoor.OSX.Mokes, an OS X-based variation of the Mokes malware family which was discovered back in January. The malicious code is now able to operate on all major operating systems including Windows, Linux and Mac.
Net scum are still finding ways to take down users with a decade-old Windows Media Player attack. The vector is a reborn social engineering hatchet job not seen in years in which attackers convince users to run executable content through Windows Media Player’s Digital Rights Management (DRM) functionality. Windows Media Player will throw a DRM warning whenever users do not have the rights to play content, opening a URL through which a licence can be acquired.
A new banking Trojan – Gugi – has managed to bypass the security permission feature introduced by Google in the Android 6.0 Marshmallow operating system to steal banking credentials of users. The Trojan is mostly spread by SMS spam with an aim to overlay banking apps with phishing windows in order to steal user credentials for mobile banking.
If you get a tweet from what appears to be an official PayPal support account on Twitter, take the time to double-check the source – because currently, there is a phishing scam doing the rounds using false accounts to try and trick users into giving up their logins.
Primary steps that state and local governments should take towards improving cyber preparedness
- Prioritize cyber. The first step toward cyber preparedness is for the leadership to recognize cybersecurity as a matter of systemic importance and to elevate cyber preparedness on the overall governance agenda.
- A comprehensive assessment regarding the current level of cyber preparedness will help with the development of both a realistic plan for improvement and allocation of resources to efficiently execute on that plan.
- Enhance and remediate. Once cyber preparedness has been fully assessed, government leaders must then develop a comprehensive yet realistic and manageable plan, with concrete and measurable milestones, to bring about meaningful improvement to its overall cybersecurity posture. A comprehensive plan will necessarily include upgrades to the information systems and the controls on those systems, modifications to the policies and procedures that regulate the use of technology and the security protocols in place to protect sensitive information and critical government systems.
- Ongoing vigilance. In the cyber domain, continual improvement is absolutely vital. Given rapid technological advances and the growing global reliance on the connected world, today’s cutting-edge cyber program will be woefully inadequate tomorrow. It is therefore critical that state and local governments commit to ongoing vigilance through a plan for regular assessment and enhancement. Doing so will help prevent the evaporation of gains in cyber posture and provide continued opportunities to make additional improvements.
Intrusions happen, threats emerge and your security operation needs to be at its peak efficiency. The SOC products Reveelium and SIEM can quickly intercept threats and thus help in avoiding data breaches. For more information about cyber security kindly contact Anglo African on 2331636 or by e-mail at contact@infosystems.mu