News – October 2017


  • If your websites use WordPress, put down that coffee and upgrade to 4.8.3. Thank us later

    October 31, 2017

    Updated WordPress has a security patch out for a programming blunder that you should apply ASAP. The fix addresses a flaw that can be potentially exploited by hackers to hijack and take over WordPress-powered websites, by injecting malicious SQL database commands. The core installation of WordPress is not directly affected, we’re told, rather the bug is in a security function ...

  • Apple Patches KRACK Vulnerability in iOS 11.1

    October 31, 2017

    Apple has patched iOS, macOS and other products to protect against the KRACK vulnerability recently disclosed in the WPA2 Wi-Fi security protocol. KRACK, short for key re-installation attack, allows an attacker within range of a victim’s Wi-Fi network to read encrypted traffic with varying degrees of difficulty. Many vendors had patched KRACK in their respective products prior to the ...

  • Emergency Oracle Patch Closes Bug Rated 10 in Severity

    October 31, 2017

    Oracle pushed out an emergency update for a bug in Oracle Identity Manager that is as bad as it gets. Scoring a 10 on the CVSS scale, the vulnerability, CVE-2017-10151, enables an attacker to remotely take over the software without the need for authentication. “While the vulnerability is in Oracle Identity Manager, attacks may significantly impact additional products,” according ...

  • The nasty future of ransomware: Four ways the nightmare is about to get even worse

    October 31, 2017

    2017 has been the year of ransomware. While the file-encrypting malware has existed in one form or another for almost three decades, over the last few months it’s developed from a cybersecurity concern to a public menace. The term even made it into the dictionary in September. In particular, 2017 had its own summer of ransomware: while incidents ...

  • New EU framework allows members to consider cyber-attacks acts of war

    October 31, 2017

    A forthcoming policy framework from the European Union will declare that cyber-attacks from hostile actors can be considered an act of war that under the most serious of circumstances justifies a response with conventional weapons. The Framework on a Joint EU Diplomatic Response to Malicious Cyber Activities is intended to be a strong measure of deterrence ...

  • iPhone Apps With Camera Permissions Can Secretly Take Your Photos Without You Noticing

    October 29, 2017

    Are you a proud iPhone owner? If yes, this could freak you up. Trust me! Your iPhone has a serious privacy concern that allows iOS app developers to take your photographs and record your live video using both front and back camera—all without any notification or your consent. This alarming privacy concern in Apple’s mobile operating system ...

  • Australian National University establishes interdisciplinary Institute to focus on cybersecurity and innovation

    October 29, 2017

    The Australian National University (ANU) announced the establishment of the nation’s first interdisciplinary Cyber Institute on October 29. The announcement was made during a visit to Israel by a major Australian cyber security and innovation delegation, led by the Minister Assisting the Prime Minister on Cyber Security, Dan Tehan. Mr. Tehan welcomed the announcement. The ANU Cyber Institute ...

  • Ramnit worm: Still turning up in unlikely places

    October 27, 2017

    The Ramnit worm (W32.Ramnit) was an aggressively propagated Windows-based worm that first appeared around 2010. Its creator used an extensive range of propagation techniques to ensure that it spread quickly and widely. Once it infects a computer, it copies itself to all attached and removable drives. Crucially, it also searches for and infects .exe, .dll, ...

  • ‘Basic IT security’ could have prevented UK NHS WannaCry attack

    October 27, 2017

    England’s National Health Service (NHS) could have avoided the ransomware hack that crippled its systems in May, according to a government report. “Basic IT security” was all that was required to prevent the “unsophisticated” WannaCry attack, which affected more than a third of NHS organizations, said the National Audit Office (NAO). The full scale of the incident saw over 19,000 ...

  • Bad Rabbit used NSA “EternalRomance” exploit to spread, researchers say

    October 26, 2017

    Despite early reports that there was no use of National Security Agency-developed exploits in this week’s crypto-ransomware outbreak, research released by Cisco Talos suggests that the ransomware worm known as “Bad Rabbit” did in fact use a stolen Equation Group exploit  revealed by Shadowbrokers to spread across victims’ networks. The attackers used EternalRomance, an exploit that bypasses security over ...

  • Ursnif Banking Trojan Spreading In Japan

    October 26, 2017

    Attackers behind the pervasive banking Trojan Ursnif have made Japan one of their top targets, delivering the malware via spam campaigns that began last month. For years, Ursnif (or Gozi) has targeted Japan along with North America, Europe and Australia. But according to a recent IBM X-Force analysis of the malware, hackers have stepped up Ursnif ...

  • Bermuda cyber hack: Offshore law firm data hack leaves super-rich bracing for financial details to be released

    October 25, 2017

    A leading offshore law firm with clients including the super-rich and international corporations has revealed it suffered a “data security incident” that may result in customers’ private information being leaked. Bermuda-based Appleby, which has offices in a number of British overseas territories, said some of its data had been “compromised” in the 2016 cyber incident. The firm ...

  • DUHK Attack Exposes Gaps in FIPS Certification

    October 24, 2017

    Despite the obligatory logo and clever name, this week’s assault on crypto, the so-called DUHK attack (Don’t Use Hardcoded Keys), isn’t likely to be part of many threat models. Though the attack can be used to passively decrypt VPN and encrypted browser traffic, it relies on a host of implementation errors in admittedly ancient security appliances to trigger ...

  • Millions of Networks Compromised by New Reaper Botnet

    October 24, 2017

    A new and growing botnet called Reaper or Troop (detected by Trend Micro as ELF_IOTREAPER.A) has been found currently affecting more than one million organizations. According to the security researchers from Check Point and Qihoo 360 Netlab, the botnet they discovered is more sophisticated and potentially more damaging than Mirai. Reaper actually uses some of the code from ...

  • Bad Rabbit: New Ransomware Attack Rapidly Spreading Across Europe

    October 24, 2017

    A new widespread ransomware attack is spreading like wildfire around Europe and has already affected over 200 major organisations, primarily in Russia, Ukraine, Turkey and Germany, in the past few hours. Dubbed “Bad Rabbit,” is reportedly a new Petya-like targeted ransomware attack against corporate networks, demanding 0.05 bitcoin (~ $285) as ransom from victims to unlock ...

  • Dark web vendors are selling remote access to corporate PCs for as little as $3

    October 24, 2017

    Dark Web marketplaces are selling remote access to desktop PCs for as little as $3, allowing criminals to spy on firms without resorting to malware. The sale of remote access credentials is allowing attackers to steal data from organisations in healthcare, education, government, retail, and other sectors. In Window PCs, Microsoft’s Remote Desktop Protocol (RDP) allows individuals ...

  • Kaspersky Opens Antivirus Source Code for Independent Review to Rebuild Trust

    October 23, 2017

    Kaspersky Lab — We have nothing to hide! Russia-based Antivirus firm hits back with what it calls a “comprehensive transparency initiative,” to allow independent third-party review of its source code and internal processes to win back the trust of customers and infosec community. Kaspersky launches this initiative days after it was accused of helping, knowingly or unknowingly, Russian government ...

  • Latest Sofacy Campaign Targeting Security Researchers

    October 23, 2017

    Sofacy, the Russian-speaking APT group connected to interference in the 2016 U.S. presidential election, has been targeting researchers, admins and others interested in cybersecurity. Cisco’s security research arm Talos published a report on Sunday describing a campaign linked to Sofacy, also known as Fancy Bear and APT 28 among other names, using a decoy document related to the CyCon ...

  • Feds warn energy, aviation companies of hacking threats

    October 22, 2017

    Hackers have been targeting the nuclear, energy, aviation, water and critical manufacturing industries since May, according to Reuters. It’s even serious enough for Homeland Security and the FBI to email firms most at risk of attacks, warning them that a group of cyberspies had already succeeded in infiltrating some of their peers’ networks, including at least one ...

  • Hackers race to use Flash exploit before vulnerable systems are patched

    October 20, 2017

    Hackers are rushing to exploit a zero-day Flash vulnerability to plant surveillance software before organisations have time to update their systems to patch the weakness. Uncovered by researchers at Kaspersky Lab on Monday, the CVE-2017-11292 Adobe Flash vulnerability allows attackers to deploy a vulnerability which can lead to code execution on Windows, Mac, Linux, and Chrome OS systems. The exploit enables ...