Risk Radar Free Cyber Newsletter – Oct 3, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.

Ransomware Resurrected
Ransomware may not be in the headlines lately, but it will make a comeback. The article covers why ransomware is so resilient. With that in mind you may want to check out this article on preparing for ransomware attacks. Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.
Breach at Sonic Drive-In May Have Impacted Millions of Credit, Debit Cards
Millions of credit card and debit card accounts have been compromised by the Sonic breach. Brian Krebs has knowledge that these accounts have showed up on underground cybercrime stores.

Oracle Patches Apache Struts, Reminds Users to Update Equifax Bug
Oracle has released patches for recent bugs to Apache Struts. Some of the patches are for critical bugs, Oracle is recommending users apply the recent patches. They are also reminding users to apply the patch for the vulnerability in the Equifax breach.

Macs Not Receiving EFI Firmware Security Updates as Expected
An issue with EFI on Macs was discovered in 2015, Apple included EFI updates with the Mac OS security updates to fix this problem. Duo Security has discovered that that these EFI updates are incomplete. This is effecting Macs in enterprise environments. Apple is working with Duo Security on this issue.
Monero-Mining Campaign Takes the Easy Road to Cash Gains
Legitimate open-source Monero mining software has been modified to be covertly installed on unpatched Windows 2003 servers. Destructive attacks like Petya get noticed, but these stealthy attacks can be a big drain on your enterprise.
Fake News on Vegas Shooter Embarrasses Google and Facebook
Google and Facebook are on a big push to minimize fake news and alternate facts. For a short period of time they promoted fake news stories about the political motivations of the Vegas shooter.