Latest Posts

University College London (UCL) Suffered a Major Ransomware Attack


The University College London was hit by a major Ransomware attack on June 15 2017. The Ransomware infected personal and shared drives in the network and the UCL's information Security Team is working with the affected users to identify the exact source of the infection.
According to press release of the University, this could be a zero-day attack as the virus did not show any suspicious activity.

"We are continuing to investigate the infection that is affecting UCL users. Our current hypothesis is that the malware infection occurred through users visiting a website that has been compromised rather than being spread via email attachments. However this remains unconfirmed at the moment."

The security team later confirmed that the attack was not via email but by visiting infected website.
"We have continued to analyse the infection across the UCL filestore and the method of infection this is still ongoing. We have not seen any more users affected by the malware. We no longer think the infection came from an infected email but from users accessing a compromised website. Please be vigilant if you notice an unexpected popup or other unusual behaviour when you access a website close the browser and report it to Service Desk."

At the time of writing, the Security team were still restoring the infected drives.
Source: [UCL ISD News]

Beware of Fake Wannacry Protection Apps on Google Play Store


Researchers from MacAfee came across a series of rogue apps on Google store posing as Wannacry protectors. Wannacry is a Ransomware which affects Windows operating system only. But, cybercriminals are taking advantage of the trending topic to trick Android users into installing fake Wannacry protectors on their devices.

These applications are loaded with ads and once installed, they advertise sponsored applications, encouraging users into installing them. These sponsored applications may contain other malware. We advise our readers to follow the tips provided by MacAfee before installing any application:

Be careful what you download
 Don’t download anything for WannaCry protection unless it’s from a trusted security provider. More importantly, if the issue does not affect your type of operating system, don’t download anything you don’t need to.

Read app reviews.
Before you even download an app, make sure you head to the review section of an app store first. Take the time to read the reviews, and keep an eye out for ones that mention that the app is falsely advertised, or has had issues with security. When in doubt, avoid any app that seems remotely fishy.

Use a comprehensive security solution.
Whether the newest cyberattack is after your computer or your mobile devices, make sure you cover all of them with a comprehensive security solution.

Source:[McAfee]

WannaCry: The Global Ransomware Attack

By now, the ransomware cyber-attack which started on Friday has infected more than 200 000 computers in 150 countries, and, as per security researchers, this number will continue to rise. The ransomware, which is known as Wannacry, mainly target old or unpatched Microsoft Windows operating system by locking the device. To unlock the device, the user must pay a ransom of $300. This piece of malware lock the computer by encrypting its hard disk, preventing users from getting access to their files. They are presented with a screen where steps of how to decrypt their device is published. Big companies such as British NHS, FedEx and Telefonica have fallen victims of the cyber-attack.

Hackers behind this attack has been using EthernalBlue, an exploit developed by the NSA to identified flaws in Microsoft SMB protocol, and which was leaked in the dark web by a hacking group called Shadow Brokers. Microsoft released an update to patch the vulnerability on its newer version in March. Many users and administrators have failed to apply the updates, making it easier for the ransomware to spread more quickly.  As many small businesses and individuals are still using older version of operating system, Microsoft took an unusual step by releasing updates for Windows XP, Windows 8, and Windows Server 2003 so that all users can patch their system.

We advise our readers to apply the patch released by Microsoft as soon as possible and not to open any files received from an unknown source.

Microsoft Updates Catalogue [Click Here!]

Cybersecurity Seminar by BDO IT Consulting Ltd


There are only two types of company: those that have been hacked, and those that will be.

From anywhere and at any time, hackers can launch a cyber-attack on your organisation. Taking this into consideration, BDO IT Consulting Ltd is organising a full day cybersecurity seminar where, ideas, trends, technology and knowledge will be shared to keep you one step ahead of these attacks.
The key topics which will be discussed in the first session are:
•    Hacking Humans
•    In and Out: Strategies for Preventing, Detecting and Mitigating Cyber Risk
•    Building Cyber Capacity: Market Opportunities and Challenges
•    Bridging the gap between prevention and incident response
And the second session will be a three hours of live attack, where an expert ethical hacker from BDO South Africa Forensic and Cyber Lab will guide the audience through hacking methodologies.

For more details and to register [Click Here!]

Florida Man Pleads Guilty to Attempted Hacking of Clinton Foundation

Timothy Sedlak, a 43 years old man from Florida pleaded guilty on Thursday for attempted hacking of the Clinton Foundation. Sedlak was arrested in 2015 and according to the prosecutors, he launched about 390,000 unsuccessful attempts on the charitable organization's computer network. The police also discovered files of child pornography on his computer and he was sentenced to 42years of imprisonment, separately, by Orlando court

Describing himself as a private investigator, Timothy stated that he was searching whether charities were used to fund Islamic militant groups.

During the proceeding, the prosecutors did not mention the name of the New York-based charitable organization but Reuters managed to get a copy of the filing on February 3.

More can be read from Reuters Here!

Hard-to-Detect Malware Attacking Enterprise Networks


According to Kaspersky Lab's latest report, an "invisible" malware is spreading among banks, telecommunication companies and government agencies. This sophisticated worm uses legitimate system admin and security tools such as PowerShell, Metasploit and Mimikatz to inject malware into computer memory.

This particular malware was first discovered by the security team of a bank. They found a copy of Meterpreter on the physical memory of Microsoft domain controller. Forensic analysis reported that the Meterpreter code was downloaded and injected by using PowerShell commands. It was discovered that the NETSH utility was used for tunneling traffic from the victim's computer to the attacker's server. To run malicious PowerShell scripts, the attackers grabbed credentials from Service accounts with administrative privileges by using Mimikatz.

By now, over 140 enterprises in 40 countries have been affected by the new malware.

Source:[Securelist Blog]

Visitors

Free counters!

Receive all updates via Facebook. Just Click the Like Button Below...

Powered By MauriHackerS

Translate

MauriHackerS - Providing Latest IT Security and Hacking News !