by CIRT Team
The Rig Exploit Kit Has Forsaken Ransomware for Coinminers [source: bleepingcomputer]
The exploit kit landscape has continued its downfall started in the summer of 2016 and its leading player —the RIG exploit kit— has stopped delivering any ransomware strains in 2018, focusing now on spreading cryptocurrency miners (coinminers) and information-stealing trojans (infostealers). These are the main conclusions of months of observation by Palo Alto Network security researcher Brad Duncan. Exploit kit market continues to fall Duncan, one...
Read More
by CIRT Team
PHP Community Steps to Stop Installation of Libraries with Unpatched Bugs [bleepingcomputer]
Some of the most influential voices in the PHP community have united on a project to improve the security of the PHP ecosystem. Under the name of FriendsOfPHP, this group has created a database that includes references and details for known security vulnerabilities affecting various PHP projects and libraries. The purpose of this database is to provide a giant guide of what versions of what...
Read More
by CIRT Team
Is your child a victim of identity theft? [source: nakedsecurity]
The Equifax breach was well over half a year ago now, but I’ve had a nagging worry all the while since then: Was my child’s data affected in that breach, and how could I possibly find out for sure? After the Equifax breach, a number of people who had never even heard of the credit monitoring bureau (including people living outside of the U.S.) found...
Read More
by CIRT Team
Cybersecurity – Tips to Protect Small Business from Cyber Attacks [source: securityaffairs]
Small Business is a privileged target of attackers, in fact, there is a high risk of having problems with hackers if you are a large company or even a media player. Do you have a small company? If the answer is yes, and you think that no cyber attack will ever affect you, think again. Small Business is a privileged target of attackers, in fact,...
Read More
by CIRT Team
Which phishing messages have a near 100% click rate? [source: helpnetsecurity]
Training employees to spot phishing emails, messages and phone calls can’t be done just once or once a year if the organization wants to see click rates decrease. For one thing, employees come and go (and change roles) with regularity. Secondly, threats change over time. Thirdly, knowledge and practices that aren’t regularly reinforced will be lost. And, finally, awareness isn’t the same as knowledge. “Just...
Read More
by CIRT Team
SamSam Ransomware Hits Colorado DOT [source: bleepingcomputer]
The Colorado Department of Transportation (DOT) has shut down over 2,000 computers after some systems got infected with the SamSam ransomware on Wednesday, February 21. The agency’s IT staff is working with its antivirus provider McAfee to remediate affected workstations and safeguard other endpoints before before reintroducing PCs into its network. DOT officials told local press [1, 2] that crucial systems were not affected, such as...
Read More
by CIRT Team
Why Businesses Should Care About Ransomware [source: cloudwards]
In the past couple of years, there has been a proliferation of ransomware attacks affecting individuals and organizations, ranging from government institutions to corporations, and small businesses. It’s a fairly popular attack tactic among hackers, mostly because of its sheer capability to easily extort from victims. But, what exactly are we talking about here? What is Ransomware? Imagine walking into your office one morning to find all...
Read More
by CIRT Team
IBM X-Force IRIS Uncovers Active Business Email Compromise Campaign [securityintelligence]
IBM X-Force Incident Response and Intelligence Services (IRIS) assesses that threat groups of likely Nigerian origin are engaged in a widespread credential harvesting, phishing and social engineering campaign designed to steal financial assets. Beginning in the fall of 2017, X-Force IRIS experienced a significant increase in clients reporting instances of fraud or attempted fraud via wire transfer payments. These threat groups successfully used business email...
Read More
by CIRT Team
Amazon AWS Servers Might Soon Be Held for Ransom [source: bleepingcomputer]
Amazon AWS S3 cloud storage servers might soon fall victims to ransom attacks, similar to how hacker groups held tens of thousands of MongoDB databases for ransom throughout 2017. The statement, made today on social media by infosec expert Kevin Beaumont, is nothing short of a prophecy of things to come, an opinion shared by many security professionals to whom Bleeping Computer spoke today. Amazon AWS S3...
Read More
by CIRT Team
Tesla Internal Servers Infected with Cryptocurrency Miner [bleepingcomputer]
Hackers have breached Tesla cloud servers used by the company’s engineers and have installed malware that mines the cryptocurrency. The incident took place last year when hackers gained access to Tesla’s Kubernetes server, an open-source application used by large companies to manage API and server infrastructure deployed on cloud hosting providers. Hackers breached one of Tesla’s Kubernetes consoles Cloud security firm RedLock —whose experts discovered the hacked...
Read More
