Risk Radar Free Cyber Newsletter – Feb 14, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well-known and respected experts in the industry.

Open Databases a Juicy Extortion Target
Attackers are finding growing value in encrypting, copying, and deleting open databases and then extorting the database owners. If you have MongoDB, Hadoop, or CouchDB installations, make sure you secure them. Databases left at the default install settings are not secure against current attacks. You could be left with a ransom note where your database was.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

#RSAC: More Phishing, Ransomware, Polymorphism Define Modern Threat Landscape
It should not be a surprise that we will see more phishing and ransomware attacks in 2017. Another telling trend in 2016 malware was polymorphism, where the malware is unique to each instance in which it is used. Signature-based security systems are not catching this malware.

Fileless Memory-Based Malware Plagues 140 Banks, Enterprises
Banks and enterprises are dealing with fileless memory-based malware that is very hard to find. The attackers are using operating system tools along with other third-party tools to hide in memory and obtain login credentials and passwords. Many of these same tools are used by security researchers to combat black hat attacks. Attribution of this type of fileless memory-based malware is proving very hard to do.

Mac malware reportedly first to infect machines using macros
Macros have been used to infect Windows machines for a while. Security researchers have identified what they believe is the first in-the-wild attack on Mac computers that uses malicious macros in Word. While this current attack is not that sophisticated, the security researcher surmised that more sophisticated attacks like this one could be out there.

House Passes Long-Sought Email Privacy Bill
The House has passed a bill that amends the Electronic Communications Privacy Act (ECPA). The new bill adds some protections for email. It does not have as many email protections as the recent California bill. The EFF is concerned the bill will stall in the Senate; we will see what happens.

#bsidessf2017: Fighting Email Phishing with a Custom IDS
Dan Borges of Uber spoke at Security BSides San Francisco about phishing. Phishing is a common attack vector that needs better solutions. Dan covers the interesting things that Uber has been working on to counter phishing attacks.