Check Point’s mid-year cyber-attack report reveals that 42 percent of organizations globally have been hit by crypto-mining intrusions and that sophisticated attacks on cloud infrastructures are growing.
During the last couple of years, cyber-security has been largely about the huge influx of malware flowing through the veins of the internet. The problem hasn’t gone away by any means, but now in 2018 there’s an even larger threat: crypto-mining-specific malware.
Booby-trapped archive files can exploit vulnerabilities in a swath of software to overwrite documents and data elsewhere on a computer’s file system – and potentially execute malicious code.
Specifically, the flaw, dubbed “Zip Slip” by its discoverers at security outfit Snyk, is a path traversal flaw that can potentially be exploited to perform arbitrary code execution attacks. It affects certain tools that handle .zip, .tar, .war, .cpio, and .7z formats.
A security researcher found a way to delete any picture on Facebook, irrespective of whether it’s public or private, by cunning use of polls.
Pouya Daribi was digging around in the software used by Facebook users to set up quick opinion polls on their profile pages. When creating these informal surveys, the social media addicts can select photos to appear alongside the questions, and the ID codes for these pictures are embedded in the HTML form submitted to Facebook’s servers.
More data records were leaked or stolen by miscreants during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion).
Digital security company Gemalto’s Breach Level Index (PDF), published Wednesday, found that an average of 10.4 million records are exposed or swiped every day.
During the first half of 2017 there were 918 reported data breaches worldwide, compared with 815 in the last six months of 2016, an increase of 13 per cent. A total of 22 breaches in Q1 2017 included the compromise, theft or loss of more than a million records.
Researchers are in a full-out sprint to notify the owners of a substantial list of connected devices and associated telnet credentials that has been available on Pastebin since June but has gone viral since Thursday, when it was posted on Twitter.
The list has more than 20,000 views as of Saturday morning, up substantially from fewer than 1,000 on Thursday.
The ransomware problems reported by The Reg over the past few weeks are enough to make you, er, wanna cry. Yet all that’s happened is that known issues with Windows machines – desktop and server – have now come to everyone’s attention and the bandwidth out of Microsoft’s Windows Update servers has likely increased a bit relative to the previous few weeks.
But there’s more to life than Windows XP and the day-to-day computing landscape consists of a rich sediment of accumulated and inherited non-Windows operating systems. And my fiver says that only a tiny minority of you have leapt into action and rushed to update these particular systems in the wake of WannaCry.
What exactly are we talking about? According to netmarketshare.com the non-Windows market share is about 10 per cent – 2 per cent of which is Linux and 3.6 per cent macOS. In the server world the story’s not dissimilar: looking this time at some data from Spiceworks, about 12 per cent of servers run non-Windows OSs, with RHEL at 1.2 per cent and various other Linuxes making up 10.5 per cent. The core server Linuxes aside from RHEL are Ubuntu, SUSE, CentOS, Debian and Oracle Linux.
The Federal Trade Commission (FTC) has released an alert about how quickly criminals begin using your personal information once it is posted to a hacker site by an identity thief. FTC researchers found that it can take as few as 9 minutes for crooks to access stolen personal information posted to hacker sites. To prevent identity theft, a user should follow password security best practices, such as multi-factor authentication, which requires a user to simultaneously present multiple pieces of information to verify their identity.
US-CERT encourages users to refer to the FTC alert and the US-CERT Tips on Preventing and Responding to Identity Theft, Choosing and Protecting Passwords, and Supplementing Passwords for more information.
US President Donald Trump’s cybersecurity executive order, signed on Thursday after a series of delays, will make federal agency heads accountable for protecting their networks.
On the other side of the fence, computer security product makers have broadly welcomed the policy, which also calls on government and industry to reduce the threat from automated attacks on the internet.
The delayed cybersecurity executive order aims to bolster the government’s information security while protecting the nation’s critical infrastructure from cyberattacks. The order is important because it sets the direction for US infosec policy in government and beyond. Unlike many of President Trump’s other policy initiatives, the order is largely uncontroversial and might (whisper this gently) be seen largely as a continuation of measures former President Barack Obama was putting into place.
Google has released Chrome version 58.0.3029.96 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to cause a denial-of-service condition.
US-CERT encourages users and administrators to review the Chrome page and apply the necessary updates.