Weekly Security Roundup #60: Strong Year Start for Cyber Attackers
Make cyber security your priority this year (and any year for that matter)
There is no winter break when it comes to security news. While people around the globe were celebrating New Year’s Eve, cyber criminals were knee-deep in managing their attacks. So we had plenty of stories to choose from for our weekly security roundup!
At the beginning of this week we published a brand new security alert. It concerns an increase in exploit kit activity for Neutrino, Rig and Angler. Our security team observed that the new campaign comes with fresh tricks and vulnerabilities. But you can read more about these matters in the dedicated article.
To help you be prepared against security nightmares that come true, we also published two comprehensive security guides.
In the first one we covered the basics of detecting and preventing phishing: what it is, how to detect it and what to do in case you got caught in the phishing net.
Our second security guide is about data breaches and what you should do in case your account is hacked. Not an implausible scenario, right? We covered all the steps that you need to take in case this happens to you.
And now, the 10 most important security stories that you shouldn’t miss:
Security articles of the week
Sometime between Christmas and New Year’s Eve, an independent security researcher uncovered the records of almost 200 million U.S. voters. A misconfigured database left essential information exposed, such as names, postal and email addresses, birth dates, phone numbers, party affiliations, voting history since 2000, and many others.
While this type of data is generally considered to be public information, it also has a massive potential to be used for malicious purposes.
Up to 320,000 Time Warner Cable customers were affected in this new data breach. The cause is still unknown, but it led to the leak of email addresses and passwords. Representatives of the cable company warn their customers to urgently reset passwords and take precautions.
If you’re among them, then our latest security guide is for you: it covers all the steps that you need to take when your account is part of a data breach.
This week, the Dutch Ministry of Security and Justice released a statement that advocates for strong encryption, citizens’ privacy and confidential communication. In a letter addressed to the Dutch House of Representatives, the Ministry stands firm against backdoors or any kind of legislation that would grant them access to their citizens’ data.
“The government recognizes the importance of strong encryption for internet security, to support the protection of the privacy of citizens, for confidential communication of government and enterprises, and for the Dutch economy. Therefore, the government believes that it is not desirable at this time to take restrictive regulatory measures in respect of the development, availability and use of encryption within the Netherlands.”
Homes in a Ukrainian region were left without electricity on December 23rd, because of malware that disconnected the power stations. This was not an isolated incident, as other electric distribution companies in Ukraine were targeted at the same time. The attackers used the BlackEnergy malware family to infect the operators and cause the blackout.
“Destructive malware is not a new phenomenon. While even some of the earliest viruses used to have destructive functionality intended mostly as a prank, today’s cybercriminals use such components for a number of reasons, ranging from sabotage, or hacktivism, to covering their tracks after a successful cyber-espionage attack.”
So you think trains are the safest way to travel? Three Russian industrial control specialists exposed core flaws in rail networks that leave trains vulnerable to hijacking and derailment.
The Hacker News wrote an article on how cyber criminals are using Let’s Encrypt, the service that allows anyone to obtain free SSL/TLS certificates.
Because of a poor check on domains, the free SSL certs are now used not only by legitimate website owners, but also by cyber criminals for spreading malware.
A security researcher exposed flaws in Comcast’s Xfinity Home Security system that cause it to falsely report that windows and doors are closed and secured.
This is probably just a small fraction of what we’re about to witness in the upcoming years: how easy it is for thieves to exploit the vulnerabilities in smart home systems and break in.
The Comodo Labs team unveiled a phishing campaign aimed at WhatsApp users. By sending fake emails with creative subject lines, the attackers trick the recipients and infect them with malware.
Examples of those subject lines:
The random set of characters at the end of the subject line is probably used to identify the recipient.
For more information on how to protect yourself against phishing, don’t forget to check out our security guide.
Last week, on New Year’s Eve, the BBC was hit with what was probably the largest DDoS attack in history. The New World Hacking group said that the attack on the BBC was “only a test” and that they “didn’t exactly plan to take it down for multiple hours”. They also declared that their main focus was to take down ISIS-affiliated websites.
On the same day, they also hit Donald Trump’s campaign website.
Have you ever wondered what reasons someone might have to create fake profiles and impersonate someone else? Olga Polishchuk, Senior Manager of Investigations at Cyveillance, explains in this article some of the plausible motivations and threats.
Never a dull week, right?
As these cyber attacks become a day-to-day norm, we expect people to take security matters more seriously.
Stay informed and adopt all the necessary precautions for your safety.