Risk Radar Free Cyber Newsletter – Jan 10, 2017

CIA: We Know the Russian Officials Behind the Election Hacking
It is being reported that the CIA is confirming that Russian officials were behind the election hacking in 2016. The report also states that documents leaked by WikiLeaks came indirectly from Russia.

The Trump team is saying that President-elect Trump accepts that entities in Russia were behind these hacks.

FireCrypt Ransomware Contains DDoS Functionality
A new ransomware has added DDoS functionality. FireCrypt is spread with a malicious .DOC or .PDF file, most likely through email. The inclusion of the DDoS functionality seems odd; researchers feel that there is a good chance the DDoS functionality would be discovered after the ransomware attack.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

MongoDB Attacks Jump From Hundreds to 28,000 In Just Days
There is a massive uptick in MongoDB databases that are being attacked. In late December a lone attacker was discovered going after MongoDB databases. It now seems that multiple attackers are involved. The problem is that a default installation of MongoDB does not require authentication to access the database. If you use MongoDB, make sure you require authentication to your databases.

Netflix Phishing Campaign Targeted User Information, Credit Card Data
A phishing campaign has been discovered targeting Netflix user information and credit card data. The attack directs the victim to log into their Netflix account and update credit card information. The interesting thing about this attack is how the fake pages are set up to avoid detection. If the potential victim is using DNS that has an anti-phishing service, the fake pages will not come up.

KPMG: Cybercriminals Set to Get ‘Creative’ in 2017
The European professional services giant KPMG is stating that the internet of things (IoT) will become a major threat vector and target in 2017. Ransomware will also continue to improve, becoming “smarter and more targeted”. Areas in which enterprises need to improve security are covered in the article.

EFF Call For Pre-Trump Security Preparations
The EFF is making an interesting call for tech companies to secure themselves from the Trump administration. The infosec community is unsure how much of Trump’s rhetoric will come to pass. Time will tell if the EFF’s call will be seen as reactionary or foretelling.