Weekly Security Roundup #50: Don’t Think It’s Not Personal
Cyber criminals are not afraid to use your character traits and habits against you
You may not think of it this way, but cyber security is a very personal thing. And it’s not just because your confidential data is involved, but because cyber criminals use your character traits and your habits against you.
Do you like to multitask? Do you often use public Wi-Fi hotspots? Maybe you even reuse passwords for some of your less important accounts.
Cyber criminals know where you’re most vulnerable, but do you? To help you answer this question we’ve created a helpful guide to show you how your online habits are compromising your online safety and what you can do to get protected from… yourself.
And you’ll want to act on the advice, because there’s a new, active spam run that’s dropping the Dridex banking infostealer all over, and that’s not the only threat out there, as you’ll see from the weekly security roundup below.
Security articles of the week
This is probably the news of the week and it’s a really good one for Internet users worldwide!
Cisco researchers, with the help of Level 3 Threat Research Labs and OpenDNS, have managed to strike a considerable blow against ransomware peddlers that used the Angler exploit kit to deliver the malware to unfortunate victims.
This shows once again the importance of mapping cyber criminal infrastructure and taking it down to severely hurt malicious operations and stop their effects on innocent victims.
2. More groups like DD4BC to emerge in the near future
We’ve written about DD4BC and their malicious actions in the past, but Stephen Gates, key security evangelist for Corero Network Security, thinks that their type of tactics and operations are just a preview of similar groups that could emerge. Cyber criminals are cunning and increasingly inventive, so we should be prepared to deal with any challenge they might throw our way.
Sometimes, the negative effects of cyber attacks remain online. But sometimes they cross the already blurred border and make their way into real life. Last week, “a Russian security vendor was attacked with Molotov cocktails after it published its analysis of an ATM skimmer”. And as cyber crime becomes a frequent weapon used for all types of purposes, so will the offline consequences increase in severity.
For companies, the endpoint is the most vulnerable segment in corporate cyber security. Bromium sums up the main causes in a relevant and on-point infographic.
As threats and breaches multiply, companies become increasingly aware of the importance of investing in cyber security and collaborating on gathering and using threat intelligence to better protect themselves. That is also why the costs have really increased:
The average U.S. company of 1,000 employees or more spends $15 million a year battling cybercrime, up 20 percent compared to last year
But in spite of spending huge amounts of money, 25% of companies still cannot pinpoint how attackers made their way into their organization, although there are some usual suspects that should be checked off first.
The analysis of the Moker RAT shows just how effective and cunning this type of Trojan can be:
This malware, which they dubbed Moker after the file description in its executable file, is effectively a Remote Access Trojan (RAT) with great anti-detection and anti-debugging features.
Moker takes complete control of the target machine by creating a new user account and opening a RDP channel to gain remote control of the victim’s device, the researchers explained.
It tampers with sensitive system files and modifies system-security settings, and injects itself into different system processes. It’s also capable of recording keystrokes, taking screenshots, recording web traffic and exfiltrating files. In short, it has a whole gamut of capabilities that come handy to attackers who want to know everything that’s happening on a target machine and beyond.
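A defender's check for the behaviour quoted above (a newly created account followed by an RDP session), added here as an example and not taken from the researchers' analysis: it correlates Windows Security events 4720 (user account created) and 4624 with logon type 10 (RemoteInteractive). The event records, account names, addresses and the 24-hour window are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real telemetry), reduced to the fields used here.
# 4720 = a user account was created; 4624 = successful logon,
# where LogonType 10 means RemoteInteractive (RDP / Terminal Services).
SAMPLE_EVENTS = [
    {"time": "2015-10-09T08:00:12", "id": 4624, "user": "alice",
     "logon_type": 2, "src": "-"},
    {"time": "2015-10-09T09:14:03", "id": 4720, "user": "svc_helpdesk2",
     "creator": "SYSTEM"},
    {"time": "2015-10-09T09:16:40", "id": 4624, "user": "svc_helpdesk2",
     "logon_type": 10, "src": "203.0.113.7"},
    {"time": "2015-10-01T10:00:00", "id": 4720, "user": "bob",
     "creator": "it-admin"},
    {"time": "2015-10-09T11:30:00", "id": 4624, "user": "bob",
     "logon_type": 10, "src": "10.0.0.15"},
]


def find_new_account_rdp(events, window=timedelta(hours=24)):
    """Return alerts for accounts that log on over RDP within `window` of creation."""
    created = {}  # lowercase account name -> (creation time, creating account)
    alerts = []
    # ISO 8601 timestamps sort correctly as strings.
    for ev in sorted(events, key=lambda e: e["time"]):
        ts = datetime.fromisoformat(ev["time"])
        user = ev["user"].lower()
        if ev["id"] == 4720:
            created[user] = (ts, ev.get("creator", "?"))
        elif ev["id"] == 4624 and ev.get("logon_type") == 10 and user in created:
            born, creator = created[user]
            if ts - born <= window:
                alerts.append({
                    "user": user,
                    "created_by": creator,
                    "source_ip": ev["src"],
                    "delay_seconds": int((ts - born).total_seconds()),
                })
    return alerts


if __name__ == "__main__":
    for alert in find_new_account_rdp(SAMPLE_EVENTS):
        print(alert)
```

The long-standing account `bob` is not flagged because its RDP logon falls outside the window; tune the window to how quickly newly provisioned accounts are normally used in your environment.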
Matthew Pascucci touched on a key subject in a recent blog post concerning the effective filtering of outgoing traffic. This is not only important for companies, but for home users as well, since second-generation malware thrives on collecting data and sending it to servers controlled by cyber criminals.
After this year’s revelations about how cars can be hacked and controlled remotely, Wired has summed up some important lessons that we should all keep in mind, since we are all directly concerned with how cars will serve and even protect us in the not so distant future. And this is especially the case since driverless cars can become an attack vector used by terrorists.
Cyber criminals have been using WhatsApp scams to trick users into giving up confidential information. This particular attack uses social engineering to manipulate the user into relinquishing his/her data by posing as a trusted brand. If you’re a WhatsApp user, you should definitely know about this and be cautious.
If you’ve ever read about ransomware and its irreversible effects, then you’ve definitely asked yourself whether victims should pay up. The same question applies to any form of online extortion. This article uses a real-life scenario to explain the situation.
After reading it, what do you think: would you pay if you were extorted by a cyber criminal?
Cyber attacks may be automated, but they certainly rely on our personal vulnerabilities to find a way into our system. If we have no security holes in our software or hardware (which is improbable, but let’s assume it’s possible), cyber criminals will use our liabilities as humans against us.
But we’re not helpless. It’s not a hopeless situation either. We just need to pay more attention and learn how we can beat them at their own game.