Cyber Security News & Trends – 06-28-19
This week, SonicWall is featured on Reuters TV, federal cybersecurity is found to be seriously out of date, and a young hacker is taking down Internet of Things botnets by bricking as many IoT objects as he can.
SonicWall Spotlight
To Pay or Not To Pay: U.S. Cities With Ransomware – Reuters
- SonicWall’s Dmitriy Ayrapetov is featured demonstrating a ransomware attack in this Reuters video segment investigating the current increase in ransomware attacks on US cities.
HiddenTear Ransomware Variant Encrypts and Gives Files .Poop Extension – SonicAlert
- The SonicWall Capture Labs Threat Research Team came across some childish ransomware which, after replacing your files with a “.poop” extension, updates your background with a poop emoji. It is, however, real ransomware and should be treated as such; SonicWall protects you from it.
Cyber Security News
U.S. Carried Out Cyberattacks on Iran – New York Times
- Multiple news outlets report that the United States Cyber Command conducted online attacks against an Iranian intelligence group after physical strikes were called off. Full details on what was attacked are not known and US Cyber Command have not released any information.
Federal Cybersecurity Defenses Are Critical Failures, Senate Report Warns – CNBC
- After a 10-month review of federal agencies, a damning 99-page report on federal cybersecurity has been released. Details include failures to apply mandatory security patches, ignoring well-known threats and weaknesses for a decade or more, and outdated systems with at least one case of a 50-year-old system still in use in 2019.
NASA Hacked Because of Unauthorized Raspberry Pi Connected to Its Network – ZDNet
- NASA confirmed that in April 2018 a hacker breached their security using a Raspbery Pi device and accessed around 500 megabytes of data, including information on the ongoing Mars Curiosity Rover mission. The full investigation into what happened is still ongoing.
The Hotel Hackers Are Hiding in the Remote Control Curtains – Bloomberg
- Bloomberg hitch a ride with some IT consultants who are investigating the rise of cyberattacks on hotels – seen by the hacking community to be both lacking in basic cybersecurity and as a massive database of personal information.
Hackers Strike Another Small Florida City, Demanding Hefty Ransom – Wall Street Journal
- Lake City officials in Florida agreed to pay 42 bitcoins, around $500,000, in a ransom less than a week after another Florida City, Riviera Beach, paid a similar amount to retrieve their data.
A Firefox Update Fixes yet Another Zero-Day Vulnerability – Engadget
- Mozilla patched two zero-day vulnerabilities over the past week, with the second coming only 48 hours after the first. Both zero-days used the same attack and they appeared to be targeting Coinbase employees directly.
Riltok Banking Trojan Begins Targeting Europe – SC Magazine
- The Riltok banking trojan, originally intended to target Russians, has been modified to target the European market. It is spread via a link in a text message that, if clicked, directs the user to a website that prompts them to install a fake update of advertising software.
And finally:
Thousands of IoT Devices Bricked By Silex Malware – Threat Post
- A 14-year-old hacker has been spreading anti-Internet of Things malware because he wants to stop other hackers using the devices for botnets. At the time of writing at least 4,000 devices have been bricked by his malware.
In Case You Missed It
- Defending Endpoints from Fast, Ferocious Ransomware Attacks – Brook Chelmo
- SonicWall, ADT Ink Partnership to Offer Managed Cybersecurity Solutions to SMBs – David Chamberlin
- The E-rate ‘Fear Less’ Solution – SonicWall Staff
- Navigating the E-rate Program: Forms, Filling Cycles & Rules – SonicWall Staff
- An Explanation of E-rate: How to Cost-Effectively Protect K12 Networks – SonicWall Staff
- Inside the Modern Phishing Campaigns of 2019 – Ganesh Umapathy