Weekly Security Roundup #85: Malware is everywhere, but don’t give up!
And that’s why you should read this week’s top 10 security news
The bad guys were quite busy last weekend, so on Monday we reported that the Adwind Remote Access Trojan resurfaced in a campaign which went on for quite a while without being detected by antivirus.
This RAT featured extensive capabilities to collect and exfiltrate data which could spell huge data loss for any company that gets infected with it.
This week we also worked on updating one of the most comprehensive guides we have.
The subject? You guessed: it’s ransomware!
You may be sick and tired of hearing about it, but it’s not going away anytime soon. New strains pop up every other week and the statistics show a sharp increase in the number of infections. Just see it for yourself:
Security articles of the week
Even though Locky took a 3-week break, it wasn’t because its creators went to the beach to sip on cocktails. Au contraire!
They worked to improve the ransomware’s code and enhance its evasion tactics.
In the meantime, a new ransomware strain popped up, carrying the name Zepto, because it adds the .zepto extension to the encrypted files. All the usual ransomware characteristics are in place, so what’s left to do is protect against it and hope it won’t do as much damage as Locky did and continues to do.
Android-powered devices are under heavy fire from cyber criminals. The amount of mobile ransomware doubled in 2015-2016 in comparison to 2014-2015 and the trend is most likely to continue. After all, there are over 1.4 billion active Android devices in the world, and a lot of money to make from encrypting them.
If users don’t speed up their protection and cyber security education, the next attack may land their smartphone or tablet in hot water.
And they’re also the culprits that account for 49% of all the traffic on the Internet!
The worrying aspect is that all this traffic comes mostly from malicious bots, which cyber criminals use to launch attacks, exfiltrate data and defraud victims around the world.
The numbers in this infographic will give you a better idea of how big the issue of botnets really is.
In most people’s minds, malware is undeniably tied to the concept of cyber attacks. But one can exist without the other.
The so-called “low and slow” attack method relies on using entirely legitimate tools employed in penetration testing. Of course, attackers use them to avoid setting off any bells, so they can stay inside the compromised system a lot longer.
5. Track your Internet traffic across the world
Did you know there’s a free tool you can use to track your Internet traffic as it bounces across the world?
You can do it just for fun, but you can also use it for personal research purposes. Just go to the dedicated website and enjoy!
Security is a big part of this update, as Microsoft promises an enhanced version of Windows Hello and improvements for Windows Defender. Of course, a bunch of other tweaks and new things are also on their way.
I enjoyed reading this well-documented and balanced article on torrenting, which is an undeniably controversial issue online.
It offers some sound advice for those who are unaware of the security risks involved in torrenting and it also explains the legal consequences that can ensue.
If you’re truly dedicated to the issue of data privacy, you can help fund this documentary which aims to prove that there was an alternative to mass collection of data in the fight for security.
“A Good American” is a gripping docu-thriller about a groundbreaking surveillance program, the brilliant mastermind behind it and how this perfect alternative to mass surveillance was killed by NSA-management for money – three weeks prior to 9/11.
The issue of data privacy and government intrusion is not over, so it’s good that initiatives such as this one keep the public debate alive.
With a name to match, a new type of ransomware aimed at encrypting the MBR has made its debut:
Attackers are developing an aggressive new ransomware program for Windows machines that encrypts user files as well as the computer’s master boot record (MBR), leaving devices unable to load the OS.
It’s been 24 months since Heartbleed was made public and the patch for it was released. But in spite of this, “200,000 internet-connected systems remain vulnerable to the OpenSSL vulnerability”.
This goes to show that cyber security is still not a priority for many, which continues to fuel a never-ending chain of vulnerabilities that cyber criminals exploit freely.
There are a few simple truths about online security and one of them is that cyber crime will continue to thrive as long as data safety and privacy aren’t taken seriously by users and companies around the world.
We haven’t reached the tipping point yet, but I, personally, hope we won’t have to get there so that the basics of cyber security become a part of everyone’s education.