Cyber Round-up

Cyber Round-up for 1st November

November 1, 2019

Welcome to the Ironshare Cyber Round-up where we look back at the events of the last week and cover some of the news, posts, views, and highlights from the world of Security.

In this week’s round-up:

Security News

Currys PC World Customers Scammed Through eBay

The electronics retailer, Currys PC World, was recently targeted by a group of fraudsters who have hijacked their eBay account to carry out a series of scams. With access to the retailer’s account, the group was able to change the payment details of listed items, including the iPhone 11 which is currently in high demand. Those paying for these items via PayPal have had their money stolen from their accounts; this was done using a fake PayPal account set up by the scammers. This attack has affected over 600 customers that made purchases on the weekend of October 19-20. Following this scam, the owners of Currys PC World resolved the issue, and confirmed that all customers affected would be refunded.

By BBC.co.uk

The Biggest Threats of 2019 So Far

Webroot has released its list of 2019’s nastiest malware, including cryptomining campaigns, huge phishing schemes and dangerous ransomware strains. It has been a big year for the constantly evolving ransomware threat, especially for Emotet. Before their extended summer break, they were causing mass disruption across the world; the most prominent of their payloads was Ryuk, which had a massive presence in the first half of 2019. Business Email Compromise has been a big issue this year, and we have seen a massive rise in email hijacking; this type of phishing has become more prominent over recent years. Finally, cryptomining has seen an increase in popularity. The low-risk method of acquiring money has become more frequent in 2019 and has proven more profitable than most other campaigns, while remaining less malicious. The most active cryptomining payload we have seen in use is Hidden Bee, which started out with Internet Explorer exploits and evolved into payloads packed into image files.

By HelpNetSecurity.com

Threats

Recent Spear Phishing Attacks Targeting Financial Industry

As people become more aware of phishing, attackers must find more sophisticated ways to approach their victims. One way they do this effectively is spear phishing: emails personally tailored to an individual, often from someone they know/work with. These types of attacks are particularly profitable when targeting those in the financial industry; this has been an area of focus for most attackers in recent weeks. Security researchers have really been trying to respond to the recent increase in attacks with various prevention methods, and the best defensive measure they recommend is two-factor authentication. More details on spear phishing are included in the original post.

By KnowBe4.com

Reporting Insider Threats and Suspicious Activity

Security firm Red Goat Cyber Security has recently completed a study on the insider threat, showing whether or not professionals would report others if they noticed suspicious activity. The study records the opinions of over 1000 professionals across various industries; they were given different scenarios and were asked how they would react if different types of people were to be involved. The result of this report was that most employees would not know what to do if they noticed suspicious activity due to their organisation not providing them with guidance or training. In response, Red Goat produced some guidance steps on what should be focused on when it comes to reporting insider threats. This list includes the importance of HR in dealing with suspicions; the full report can be found here.

By SecurityBoulevard.com

Vulnerabilities & Updates

Xhelper Malware Re-Installs Itself After Being Deleted

A mysterious new piece of malware, called Xhelper, has been plaguing Android devices recently; in the last 6 months the malware infected over 45,000 devices and is constantly spreading. Many users have become aware of the problem and deleted the malware from their devices, and some have even factory reset just to be safe; however, this has not proven successful. It appears the malware can reinstall on the target infected device, even after being factory reset. The application is hidden from users and launches itself from external events, such as installing apps and/or rebooting the device; from this, the device can be connected to the attacker’s remote command and control server where additional malicious programs can be downloaded. This malware is very dangerous and has primarily targeted users in India, though it has been observed in the US and Russia as well. Researchers recommend keeping everything up to date to avoid any exploitable vulnerabilities and being careful when granting permissions; installing a good antivirus application would also be a good idea. More details on the nature of the malware are included in the original post.

By TheHackerNews.com

The Scariest Vulnerabilities and Exploits of 2019

It’s been a big year full of extremely dangerous vulnerabilities that have plagued our devices throughout 2019. This summary highlights the biggest and baddest flaws and exploits that 2019 has given us. One of the first big vulnerabilities that had users all over the world worried was the secret surveillance flaw in Apple’s FaceTime app. From this, to the major string of WinRAR exploits, to the iMessage bugs, this end-of-year summary includes everything you need to know about the scariest hacks and vulnerabilities of 2019; details of each individual bug are included in the original post.

By ZDNet.com

And that’s it for this week’s round-up, please don’t forget to tune in for our next instalment.

Why not follow us on social media using the links provided on the right.

Edition #65 – 1st November 2019

Author

Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.

Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
