Risk Radar Free Cyber Newsletter – Dec 12, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.

Ransomware Takes Out North Carolina County
A county in North Carolina has been forced to go back to pen and paper for county functions. Ransomware has taken these functions offline.  The county has told residents to expect delays as they restore from backups.
Microsoft Patches Two Critical Defender Bugs
Two Microsoft Windows Defender bugs that allow remote code execution have been patched. The exploits were exposed when specially crafted files are scanned by Windows Defender. It is recommended by Microsoft to patch ASAP.
Banking Apps Found Vulnerable to MITM Attacks
Security researchers have found Android and iOS Banking apps that are vulnerable to man-in-the-middle (MITM). The vulnerability was related to certificate pinning. The impacted banking apps have been fixed.
Apple Fixes Flaw Impacting HomeKit Devices
Apple has fixed an exploit in the HomeKit framework that can allow attackers to control smart locks and garage door openers. The exploit is there when you have an iOS 11.2 device that is linked to a HomeKit user’s iCloud account.
Phishers Are Upping Their Game. So Should You.
Phishing emails used to be very easy to spot. You could look at the bad grammar and misspelled words and spot the phish easy.  Brian Krebs has an in depth article on how Phishers are getting better. The article covers what to look for regarding the improvements in phishing.
Cybercrime Now Driven by Four Distinct Groups
Malwarebytes has broken down cyber attackers into four distinct groups. The main drive for all these groups comes down to money and/or ideological reasons. The article gives a nice write up on each group.