Risk Radar Free Cyber Newsletter – Apr 18, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.

Cerber Takes Ransomware Crown from Locky
While ransomware has not been in the headlines lately it is still out there. Cerber ransomware has dramatically taken the top spot from the once dominate Locky. There have not been new ransomware exploits lately, but the older ransomware is being used with social engineering in a very effective way.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

ShadowBrokers’ Windows Zero-Days Already Patched
Microsoft has lessened some concerns over the exploits released by ShadowBrokers. A majority of the exploits have already been patched by Microsoft. The remaining three exploits are not as critical, if you are running the latest Windows or server OS’s you are not at risk. Make sure you get the latest updates to avoid these critical exploits.

VMware Fixes Critical RCE in vCenter Server
VMware is also fixing a critical vulnerability in its vCenter Server platform. This vulnerability enables attackers take control of affected systems. If you are running VMware in your business it is time to get the latest updates for your VMware.

Wave of Java-Based RATs Target Tax Filers
For those of you scrambling to get taxes done watch out for some new phishing attacks. When it comes to email be very careful which attachments you open. These new java-based attacks are using a higher level of obfuscation, this is making is harder for security researchers to analyze these new attacks.
Hackers use Mirai botnet to, slowly, mine bitcoins with IoT devices
Security researchers have discovered a new use for the Mirai botnet, the compromised IoT devices can be used together to mine bitcoins. Some researchers wonder how viable this will be for attackers to use. Other researchers point out that IoT devices are missing the security features that would block the IoT devices from being used as a bitcoin mining slave.
Why I Always Tug on the ATM
Do you pull on your ATM card reader before you use it? Brian Krebs covers why you may want to start doing this. The article gives a detailed description with pictures of what to look out for.