Blog

Cyberspresso: Cybersecurity weekly incidents, threats & attacks… grab a coffee, get updated

Cybersecurity rants & raves selected by XM Cyber analyst team.

 Our purple hat team rate the news by interest and newsworthiness.

 

New ransomware unable to restore files it encrypted
Doctor Web security experts and cybercriminals, warn the malicious program attacks Windows OS users for profit. The ransomware featuring a malicious payload is distributed via Social media & network shares by geolocation. Mysteriously ransomware avoids Russia, Belarus, Kazakhstan! Hmmmm…
Trojan detected under DPH name.
eHackingnews

  


Mega attack on the land of Berylia?
Nope not real. NATO & partners create scenario for huge cyber-attack on fake country to test critical infrastructure defense vs. attacks. Phew!
The Register

 

 

Atlanta Spends $2.6M to recover from $52K Ransomware Scare
Recovery for SamSam ransomware attack cost city of Atlanta more than initial demand.
Biggest winners: Edelman PR firm cashes in on $50k whilst Ernst & Young earn $600k on incident response consulting. Holy cow!
Wired

 

 

 

Users clueless about router devices security, survey finds
Only 14% update firmware, despite vulnerabilities exploited by attackers, such as old login credentials. Only 31% changed WiFi network password.
Poor response attributed to unclear guidelines & education. One possible solution; router producers need to create one-click updates.
Bleeping Computer

 

 

Bank customers find they can access other accounts 
Dream come true? IT nightmare?
Nearly 2M UK bank customers experiencing difficulties with account online, with some able to access other users’ funds after an IT upgrade went wrong. Apparently customers were’nt notified of the error. Not cool!
Infosecurity

 

 

Ransomware runs amok in 2017, crowned as most malicious sw.
Recently released Verizon report: Social engineering attacks with pretexting nearly tripled annually. Phishing simulations show that curiosity gets the better of 4% of people. Hacking, such as using stolen credentials was the leading method for facilitating a breach (48%). Malware in general was instrumental in 30% of breaches, while errors and social engineering attacks (17% each) came next. Some incursions involve overlaps of attack paths.

 

 

See figures below, by Verizon:

 

 

 

mxcyber

Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.

See what attackers see, so you can stop them from doing what attackers do.