Risk Radar Free Cyber Newsletter – May 16, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.

WannaCry Variants Pick Up Where Original Left Off
I hope everyone has updated their Windows PCs to the latest Microsoft updates. This is needed to patch EternalBlue and DoublePulsar exploits, these exploits enable the worm like capabilities of WannaCry ransomware. Variants of WannaCry (avoiding the kill switch) are already in the wild. Security researches have also noted that other malware like banking Trojans and others could use the EternalBlue/DoublePulsar exploits worm like characteristics.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

Microsoft Issues XP Patch to Battle WannaCry Ransomware
If you are still using Windows XP it is time to make a plan to move to Windows 7 or Windows 10. Microsoft has stopped supporting Windows XP but they have issued a patch for WannaCry ransomware attack. The large use of Windows XP in many different countries has contributed to the spread of the WannaCry attack.
DocuSign Phisher Hacked Firm to Access Customer Emails
If you use DocuSign be aware of emails you receiver from them asking for information. DocuSign accounts have been accessed by an attacker. At this point DocuSign says only email addresses have been taken. Passwords and other sensitive information was not taken by the attackers.
Millions of identities stolen from education platform Edmodo
Education platform Edmodo have had millions of accounts stolen. The thing that makes this even worse is the information is actively being sold on the dark web. The passwords were hashed with the bcrypt algorithm. While this makes the login information hard to get the email addresses can still be used in phishing attacks.
Microsoft’s New Security Update Guides Get Mixed Reviews
Microsoft has released a new security update guide for IT admins. The goal of this new guide is to make it easier for admins to determine which patches they need for their networks. The initial roll out has mixed reviews at this point. Hopefully it will get better going forward. The WannaCry Ransomware attack has shown the need to keep IT systems patched.
OpenVPN Audits Yield Mixed Bag
Two security audits of the open source software OpenVPN have been done. One has shown OpenVPN to be cryptographically sound, the other has found two vulnerabilities. Both of these security audits should make OpenVPN safer going forward as OpenVPN goes over the audits.