Risk Radar Free Cyber Newsletter – Nov 14, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.

RDP brute force attacks used to spread LockCrypt ransomware
There has been an increase in RDP brute-force attacks on corporate servers. The attack is using a new variant of ransomware called LockCrypt. Researchers have discovered that LockCrypt does not have large code overlap with other ransomware. The attack does not seem targeted, it has been very opportunistic. How to protect yourself is covered in the article.
New IcedID Trojan Targets US Banks
There is a new banking Trojan targeting U.S. financial institutions. The Trojan is called IcedID and it is using similar techniques to TrickBot and Dridex Trojans. The attack starts with a phishing email attack. Once the system is compromised the IcedID banking Trojan is installed.Amazon takes steps to reduce S3 misconfiguration leaks
Amazon is adding additional security features to its S3 servers. The additional security features will improve the security of the S3 server.  The new features are not enabled by default so S3 administrators will need to enable them.
Phishing Biggest Threat to Google Account Security
Google and researchers from Cal Berkeley have studied how cybercriminals use stolen credentials.  It was found the phishing posed the greatest threat, then keyloggers and third party breaches. Google is using this information to increase security of Google accounts. Users can also help by enabling two-factor authentication.
The Devious Netflix Phish That Just Won’t Die
A particularly good Netflix phishing email keeps going. The email states your Netflix account has been suspended due to issues with billing info. The attackers do some clever stuff to avoid detection so avoiding this can fall mostly on the user.
Defense Department’s vulnerability disclosure program racks up 2,837 security flaws
It has been one year since the Defense Department started the vulnerability disclosure program (VDP).  It is not a bounty or cash incentive program but the results have been good for the first year.