At Alchemy Systems we check a variety of sources daily for information on threats and attacks in the cybersphere. We post some of these on our Facebook page, but as we get a lot of enquiries we’ve decided to do a bi-monthly round up of the items that have come to our attention. There’s a lot going on out there, so as far as attacks are concerned we’re focusing on those that happen directly to UK companies and organisations or which could impact UK companies and organisations.
Beware of Teddy Bears
Around 2.2 million voice recordings and 800,000 customer records have been exposed via teddy bears that send and receive audio messages using smartphones. The bears are manufactured by Spiral Toys, who held customer emails and passwords on a MongoDB database that, allegedly, was neither password nor firewall protected. The database had been indexed by Shodan, a search engine that facilitates finding unprotected websites and servers.
Researchers at Talos (a threat intelligence organisation) recently reported on a new form of malware that’s very hard to detect as it uses Microsoft PowerShell scripts to hide and connect directly with a server using the DNS port. It’s distributed as a Microsoft Word document spread through a phishing campaign.
It never rains but…
And we have yet another new phishing campaign … this one uses a fake iTunes receipt for movie purchases. At the bottom of the receipt, there’s a link to request a “full refund” in case of an unauthorised transaction. So if someone who hasn’t bought such a movie tries to dispute the payment by clicking the link, the cyber criminal gets their hands on that person’s banking data.
The Black Report, published by Nuix, looks at organisations’ cyber security strategy from the viewpoint of pen testers.
These are the main findings:
81% of pen testers said they could identify and exfiltrate data in less than 12 hours
88% said it took less than 12 hours to compromise a target
84% said they used social engineering when attacking the target
69% said they have never been caught in the act by security teams
For more on Pen testing (Penetration Testing) check our blog post on this topic.
A new disk-wiping malware was uncovered when it targeted a petroleum company in Europe. StoneDrill Malware is similar to the disk wiper malware Shamoon. “StoneDrill has been designed to as a service and target all systems connected within an organization to a Windows domain. In order to spread itself, the malware relies on a list of hard coded, previously stolen usernames and passwords belonging to administrators of the targeted domain. Once infected, StoneDrill automatically generates a custom wiper malware module without connecting to any command-and-control server, rendering the infected machines completely inoperable.”
The Fiery Fox
Mozilla has released Firefox 52, which has not only remedied numerous security vulnerabilities but also warns if you try to enter sensitive information into forms on unencrypted HTTP websites.
A hacker known as Rasputin has developed a nifty SQL injection tool to exploit vulnerable web applications and break into university and government websites. He doesn’t steal any information – his criminal activity seems to have been about marketing and selling a method to gain unauthorised access to such organisations.
What is your strategy for becoming and remaining cyber resilient?
Alchemy Systems have 20 years of IT systems experience and are a Microsoft Partner. Alchemy Systems Designs, Supplies, Installs, Supports and Protects clients’ IT systems. Tel. 0330-043-080198 Email. [email protected]