Risk Radar Free Cyber Newsletter – May 23, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.

All cried out? WannaCry ransomware victims strive to recover as researchers dig into attack
Victims of WannaCry are working on recovering as security researchers dig into the WannaCry attack. The combination of the worm attack with the ransomware made for a rare attack. The attack could have been worse. The researcher who found the “kill switch” and the quick patching of networks minimized the overall damage.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

#WannaCry Didn’t Start with Phishing Attacks, Says Malwarebytes
Malwarebytes has concluded that the WannaCry attack did not start with a phishing attack. They are saying it started in an old school worm attack way, they scanned for open SMP ports on the public internet. After this WannaCry spread from vulnerable pc to vulnerable pc. The article covers ways for networks to mitigate attacks like these. The ways have been said many times before, now they just need to put into action.
WannaCry fallout: is hoarding exploits, delaying fixes ever justified?
The WannaCry fallout has called into question the hoarding of zero-days by governments. The inability of the NSA to properly secure their hoard of zero-days does not help the government’s case for keeping these zero-day exploits. Most likely governments will continue to hoard zero-days, let’s hope they do a better job of securing them and make better choices releasing the zero-days to the effected companies.
EternalRocks Worm Spreads Seven NSA SMB Exploits
The worm like exploits used in the WannaCry are still being used, EternalRocks worm is using the NSA exploits to spread around the internet. At this point EternalRocks does not have a malware payload, security researchers are wondering what the malware payload will be. WannaCry is not going to be the final attack using these NSA exploits, please make sure you get your systems patched.
Android Gets Security Makeover With Google Play Protect
Apple has had a better update procedure for their iOS devices, they can patch independently of the cell carrier. Android devices do not have this option for pushing updates, but all Android devices have one common app. The Google Play Store is common to all Android devices. Google has already built security into this app, now they are beefing it up even more with Google Play Protect. This is a good thing for the overall security of Android devices.
Trump’s Cybersecurity Boss Talks Priorities
The top security boss for the Trump administration Rob Joyce is talking about the cyber security goals of the Trump administration. He is moving forward with these goals with the help of a recent executive order that Trump signed. It will be interesting to see how the Trump administration goes forward to improve our cyber security, let’s hope they are successful.