Risk Radar Free Cyber Newsletter – May 2, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well-known and respected experts in the industry.

Orange is the New Black Hat: Adversary leaks show’s new season after Netflix snubs ransom demand
Netflix has refused to pay a ransom to stop a hacker group called “The Dark Overlord” from releasing “Orange is the New Black” episodes online. The attackers compromised third-party vendor Larson Studios and took media content from multiple networks. The details of the attack have not been released. I am glad to hear Netflix did not pay the ransom; hopefully other networks do the same.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

Apple Revokes Certificate Used By OSX/Dok Malware
Apple has revoked certificates used by the OSX/Dok malware attacks. The OSX/Dok malware was spread by a coordinated email phishing campaign. The malware initiated an OS X update that downloads the full malware payload. This attack was interesting because all OS X versions were impacted and because the use of valid certificates made the OSX/Dok malware appear legitimate.

Attack Method Highlights Weaknesses in Microsoft CFG
Microsoft has added a protection against memory-based vulnerabilities, called Control Flow Guard (CFG), in Windows 8.1 and Windows 10. Security researchers have been looking for weaknesses in CFG. It is not clear that these CFG attacks are in the wild; at this point, security researchers are looking to improve CFG.

Intel Patches Nine-Year-Old Critical CPU Vulnerability
A nine-year-old CPU vulnerability is being patched by Intel. This vulnerability affects business desktop PCs that use Intel’s Active Management Technology (AMT). It enables attackers to gain system privileges on networks with vulnerable PCs. A firmware update and an updated version of AMT are required to update the affected PCs.

Network Security Creates a “Black Hole” of Overheads
The management of security products is consuming a bigger and bigger part of in-house security staff resources. For mid-tier companies, meeting compliance requirements while guarding against current attacks is becoming a challenging problem.

The Time Has Arrived to Embrace Hackers
There has always been a bit of a love/hate relationship between governments and businesses on one side and hackers on the other. It is a mixed bag when it comes to hackers. At a minimum, they expose flaws in systems, whether they are black hat or white hat hackers. Governments and businesses have been using bug bounty programs as an incentive for hackers to help them.