Blog door Jay Brand, Security Analyst SecureLink
Every month our Cyber Defense Center keeps you informed about the most recent dangers, hacks, leaks and attacks. Make sure to stay up-to-date and bring a visit to our security blog regularly. If you have any questions, please don’t hesitate to contact us!
Top 5 threats
1. On the 27th of June we have seen a new ransomware campaign. This appears to be a new variant of Petya ransomware, also known as NotPetya/Petwrap/GoldenEye. New to this ransomware was the manner in which it spreads across the network via multiple lateral movement techniques and the way it renders the infected host unusable by overwriting the Master Boot Record with a custom bootloader. Also the goal of this malware does not seem to be financial gain but to spread quickly and damage an infected host. The malware seems to be “disguised” as ransomware.
On our website you’ll find our recommendations / advice to protect yourself against this ransomware.
2. A new phishing tactic that is targeted at mobile phone users has surged. This new tactic makes use of the fact that mobile browsers have narrow address bars, preventing users from viewing the full domain. A genuine URL like http://m.facebook.com would be faked using a lot of hyphens resulting in an URL such as:
http://m.facebook.com——————test.maliciousURL[.]com/PhishingPage.html. Where only the first part would be visible on mobile phones • Source
3. A new critical vulnerability in Skype for Web can cause the application to crash and malicious code to be executed on vulnerable Skype versions (7.2, 7.35 and 7.36). Please update to the latest version 7.37.178. • Source
4. A recent surge of Android banking malware has come up and can be traced to a forum post which was made in December 2016 by a malware coder. In this post he released a tutorial on how to build Android malware which seem to bypass the Google PlayStore malware scanner by obfuscating code • Source
5. On the 19th of June huge databases holding more than 198 million records with US voter data were leaked. Each record listed not only the name, address, date of birth etc. But also voter registration details and profiling information, ethnicity, religion and information that can be used to target specific political audiences • Source
Aanmelden security breach nieuwsbrief
Wilt u op de hoogte worden gehouden van security breaches?