Cybersecurity

Fired IT Employee Annihilates 23 of Ex-Employer’s Servers

A digital marketing and software company fired one of its IT employees after a month of unsatisfactory performance. The ex-employee responded by stealing the login credentials of a former colleague and deleting the company’s information on 23 Amazon Web Services (AWS) servers. The company was never able to regain the data and lost big contracts as a result; authorities estimate its losses amounted to about $700,000. It took months to track down the culprit who, by the time of his arrest, was working for a different company.

Majority of Ransomware Attacks Targeted SMBs, according to Report

Beazley Breach Response Services has published a report with its analysis of the more than 3,300 data incidents it investigated in 2018. Among other highlights, the report notes that 71% of ransomware attacks targeted small-to-medium sized companies (SMBs). The report also observed that the average ransomware demand in 2018 was more than $116,000, although this was skewed by some very large demands. The median was $10,310. The highest demand received among the cases investigated by Beazley was for $8.5 million – the equivalent of 3,000 Bitcoin at the time.

How Ransomware Attack Transformed Atlanta’s Approach to IT

An interview with Atlanta Chief Information Officer (CIO) Gary Brantley highlights some of the changes the city implemented in the wake of an attack by the SamSam ransomware. The advanced attack, which the U.S. Department of Justice alleges was conducted by two Iranian men, affected computers and systems across Atlanta’s city government. “The first order of business was to get the environment back up to where it needed to be,” said Brantley.

Private Information Remains on Resold and Donated Technology

A researcher from cybersecurity company Rapid7 has published the results of six months of research into whether businesses that sell refurbished computers or accept donated items follow through on their promises to wipe them of data. With a total of $600, he bought 41 computers, 27 removable media devices (e.g., flash drives and memory cards), 11 hard disks, and 6 cell phones. While he could not extract any data from the cell phones (due mostly to their age), only two out of the 85 other devices had been erased properly.

Eighty Percent of the Top Exploited Vulnerabilities in 2018 Targeted Microsoft

A just-released report from Recorded Future observes that eight out of ten vulnerabilities exploited via phishing attacks, exploit kits, or remote access trojans targeted Microsoft products. This was the second year in a row in which Microsoft was targeted the most. In 2017, seven of the top ten vulnerabilities affected Microsoft. The top exploited vulnerability on Recorded Future’s list, CVE-2018-8174, a Microsoft Internet Explorer vulnerability nicknamed “Double Kill,” was included in four exploit kits (RIG, Fallout, KaiXin, and Magnitude).

Microsoft Ending Support for Windows 7

All software products have a life-cycle. After January 14, 2020, Microsoft will no longer provide security updates or support for PCs running the Windows 7 operating system. After this date, this product will no longer receive free technical support for any issues, software updates, and security updates or fixes. Computers running the Windows 7 operating system will continue to work even after support ends. However, using unsupported software may increase the risks from viruses and other security threats.

Columbia Weather Systems MicroServer (ICSA-19-078-02)

The NCCIC has published an advisory on cross-site scripting, path traversal, improper authentication, improper input validation, and code injection vulnerabilities in Columbia Weather Systems MicroServer. Weather MicroServer firmware Version MS_2.6.9900 and prior are affected. Successful exploitation of these vulnerabilities may allow disclosure of data, cause a denial-of-service condition, and allow remote code execution. Columbia Weather Systems has released a firmware update, Version: MS_2.7.9973, that addresses all of the vulnerabilities.

AVEVA InduSoft Web Studio and InTouch Edge HMI (ICSA-19-078-01) – Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on an uncontrolled search path element in AVEVA InduSoft Web Studio and InTouch Edge HMI. InduSoft Web Studio versions prior to v8.1 SP3 and InTouch Edge HMI versions prior to 2017 Update 3 are affected. Successful exploitation of this vulnerability could allow execution of unauthorized code or commands. AVEVA recommends that users upgrade to the latest versions. The NCCIC also recommends a series of mitigating measures for this vulnerability.
