Week in review: Crypto-mining malware hits SCADA network, server-side exploits dominate threat landscape

Here’s an overview of some of last week’s most interesting news and articles:

When crypto-mining malware hits a SCADA network
Radiflow has recently discovered Monero-mining malware on five servers of a water utility company located in Europe.

Intel releases new Spectre microcode updates for some affected processors
Now that Intel has shipped new microcode updates, it expects OEMs to push out new firmware again and urges users to implement them as soon as possible.

99 percent of domains are not protected by DMARC
Essentially every global domain is vulnerable to phishing and domain name spoofing.

Server-side exploits dominate the threat landscape
The increase in server-side exploits corresponds with the continued decline in the use of exploit kits relying on client-side vulnerabilities.

How to track smartphone users when they’ve turned off GPS
As it turns out, turning off location services (e.g., GPS) on your smartphone doesn’t mean an attacker can’t use the device to pinpoint your location.

Identity fraud enters a new era of complexity
This last year saw a notable change in how fraud is being committed.

Macro-less malware: The cyclical attack
Last year, attackers linked to the Russian hacking group APT28 (sometimes called Fancy Bear) started hacking like it’s 1999 with Microsoft Word-based malware that doesn’t trigger security warnings along the way. These types of attacks are called “macro-less malware” because they bypass the security warnings added to Microsoft Office programs in response to traditional macro malware like the Melissa virus at the end of the 20th century.

Credential phishing kits target victims differently depending on location
There is a new attack vector in town – the customization of phishing kits.

7 steps for getting your organization GDPR-ready
Compliance with the GDPR will require practical steps that improve employee awareness and the practices that make it more likely people will follow the rules.

Why developing an internal cybersecurity culture is essential for organizations
ENISA published a report providing organisations with practical tools and guidance to develop and maintain an internal cybersecurity culture.

Five smart TVs tested for security, privacy issues
Consumers Union, a US-based nonprofit organization dedicated to unbiased product testing, has conducted a privacy and security evaluation of five smart TVs from the most widely sold TV brands in the US.

Chrome will mark HTTP pages as “not secure”
Starting with Chrome 68, which is scheduled to be released in July 2018, Google will explicitly mark all HTTP sites as “not secure.”

Mac crypto miner distributed via MacUpdate, other software download sites
The malware has been bundled with decoy copies of Firefox, OnyX, and Deeper and tries to open them before starting itself so that users don’t get suspicious. But it’s not always successful.

Most remain dissatisfied with threat intelligence quality and accuracy
Lack of accuracy and timeliness is among the top complaints about threat intelligence.

Data of 800,000 Swisscom customers compromised in breach
Swisscom, the biggest telecom company in Switzerland, has suffered a data breach that resulted in the compromise of personal data of some 800,000 customers, i.e., nearly ten percent of the entire Swiss population.

Cisco issues new, complete fixes for critical flaw in enterprise security appliances
Cisco researchers have identified additional attack vectors and features that are affected by the “perfect 10” remote code execution and denial of service vulnerability they attempted to patch two weeks ago.

8 trends in government tech for an enterprise-focused approach to IT
Deloitte examined emerging trends in government technology, and highlighted eight trends that are shaping strategic and operational transformations and redefining IT’s role within the enterprise.

Android devices roped into new Monero-mining botnet
A new Monero-mining bot sprang up several days ago and, in just a few days, has created a botnet consisting of over 7,000 Android devices.

HITB Security Conference in Amsterdam is all about advanced research
The agenda for Day 2 of the 9th annual HITB Security Conference in The Netherlands has been announced with even more advanced research including new sandbox evasion techniques, a groundbreaking method for establishing covert channels over GSM mobile networks, a tool for backdooring cars and much more.

2017 was extraordinary: 5,200 breaches exposed 7.8 billion records
Once again, the record has been broken for both the most breaches and the most data compromised in a year.

The new gold rush: A look inside cryptocurrency fraud
This new gold rush is creating a new frontier for professional cybercriminals moving away from less profitable techniques and exploits to make money on the back of the huge interest in these digital currencies.

Number of Internet-accessible ICS components is increasing every year
The number of industrial control system (ICS) components – which run factories, transport, power plants and other facilities – left open to Internet access is increasing every year.

New infosec products of the week: February 9, 2018
A rundown of infosec products released last week.
