Week in review: WordPress ransomware, NotPetya aftermath

Here’s an overview of some of last week’s most interesting news and articles:

EV ransomware is targeting WordPress sites
WordPress security outfit Wordfence has flagged several attempts by attackers to upload ransomware that provides them with the ability to encrypt a WordPress website’s files.

Motivation roulette: Is pseudo-ransomware a term?
All too often, the insatiable appetite for answers following a major campaign leads to rapid conclusions about everything: What is the objective of the attack? Who was compromised? Who did it?

STIX and TAXII: Sharing cyber threat intelligence
In this podcast recorded at Black Hat USA 2017, Allan Thomson, CTO at LookingGlass Cyber Solutions, talks about STIX, a language for describing cyber threat information so that it can be analyzed and/or exchanged, and TAXII, which defines services and message exchanges that enable organizations to share the information they choose with the partners they choose.

Decryption key for Apple iOS Secure Enclave Processor firmware revealed
A hacker who goes by the handle “xerub” has apparently figured out the decryption key for Apple’s Secure Enclave Processor (SEP) firmware, and made it available online.

How to spot malicious mobile apps
RiskIQ researchers have been monitoring over 120 mobile app stores around the world, and based on their findings, they advise users to be on the lookout for three suspicious things when evaluating the legitimacy of an app.

NotPetya aftermath: Companies lost hundreds of millions
Now that the dust has definitely settled, we can get a clearer picture of the losses the attack has brought on and the extent of the damage by perusing the financial results for Q2 or H1 2017 that the companies hit by NotPetya have released.

Attackers turn to auto-updating links instead of macros to deliver malware
SANS ISC handler Xavier Mertens has flagged and analyzed a malicious Word file that, somehow, is made to automatically download an additional malicious RTF file, ultimately leading to a RAT infection.

Three barriers to digital IDs on the blockchain
There are a handful of very important steps that must happen for blockchain-based identity technology to become widely adopted and its full benefits realized.

How security pros look at encryption backdoors
The majority of IT security professionals believe encryption backdoors are ineffective and potentially dangerous, with 91 percent saying cybercriminals could take advantage of government-mandated encryption backdoors.

The human point: Gaining visibility into the context behind user actions
In this podcast recorded at Black Hat USA 2017, Dr. Richard Ford, Chief Scientist at Forcepoint, talks about the security industry’s need for a paradigm shift toward examining user behavior and intent.

DevOps skills gap: Do you have the necessary skills to succeed?
New research shows that software developers are not receiving the training they need to be successful as DevOps becomes the prevalent approach to building and operating digital products and services.

Google Chrome remote code execution flaw detailed, PoC released
Vulnerability broker Beyond Security has released details about and Proof of Concept code for a remote code execution bug affecting Google Chrome.

Three megatrends that will drive digital business into the next decade
Gartner revealed three distinct megatrends that will enable businesses to survive and thrive in the digital economy over the next five to 10 years.

DOJ wants to know who visited anti-Trump website
The US Department of Justice wants DreamHost to hand over IP addresses of some 1.3 million visitors to disruptj20.org, a website that helped organize political protests during President Trump’s inauguration. The company has decided to challenge the request in court.

US, China and the UK are top regions affected by IoT security threats
Trend Micro’s recent report shows more than 1.8 million cyberattacks have been conducted through home network routers in the past six months.

AI is key to speeding up threat detection and response
Time is the most important factor in detecting network breaches and, consequently, in containing cyber incidents and mitigating the cost of a breach.

Enterprise security culture: Why you need it, and how to create it
Security culture is critical to security just as culture is crucial to human society. Culture drives behaviour change, and behaviour change drives culture.

New infosec products of the week: August 18, 2017
A rundown of infosec products released last week.
