Risk Radar Free Cyber Newsletter – May 9, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well-known and respected experts in the industry.

Emergency Update Patches Zero Day in Microsoft Malware Protection Engine
Microsoft has issued an update for zero-day exploits in the Malware Protection Engine. These exploits were discovered by Google security researchers. They allow remote code execution on Windows 7 to Windows 10 and Windows Server 2016. Updates will be automatically pushed in the next 48 hours.

Against a Rising Tide, Most Mid-market Orgs Aren’t Ready for Ransomware
A recent survey from Barracuda Networks shows that small and medium-sized businesses are not prepared for ransomware attacks. Most of these businesses are aware of ransomware; the problem is they don’t know how to defend against it. The fact that these businesses have limited security resources makes them an attractive target for ransomware.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

Massive Google Docs phishing attack targeted credentials, permissions
A phishing attack targeting Google Gmail and Docs has been mitigated by Google. It appears the goal was to get login credentials and additional addresses. The phishing attack did more than just go after login information: the phishing email tried to get read, send, delete, and manage permissions for email and contacts. At this point there is no indication the stolen information has been used.

Mirai’s Progeny Enslaves 120,000 IP Cameras – and Counting
A new IoT botnet called Persirai has compromised more than 1000 different cameras. The Persirai botnet is also using zero-day exploits to attack cameras with password protection. Once the cameras are compromised, they are used in DDoS attacks.

New ‘Dok’ dropper variant found, even after Apple revokes cert for Mac malware
A new variant of the Dok dropper has been found by security researchers. The new variant is mitigated due to Apple revoking the certificate. The interesting thing about this new variant is the possible reuse of the Python-based attack in future malware attacks. While Macs are generally more secure than PCs, Mac users should still be wary of malware attacks. Here are two more Mac-based malware attacks: a spyware attack and a backdoor/rootkit attack.

FBI: Many companies ignore cybercrime warnings from government
The FBI is saying more than a third of companies that get officially informed by the government that they are being targeted by cybercriminals do not act on this information. The reasons for ignoring these warnings can be many. The article covers the reasons briefly and gives a quick breakdown of how and why these attacks are happening.