Cybersecurity week Round-Up (2018, Week 8)

Pierluigi Paganini February 26, 2018

Cybersecurity week Round-Up (2018, Week 8) -Let’s try to summarize the most important event occurred last week in 3 minutes.

Last week, the Russian central bank revealed unknown hackers have stolen roughly $6 million from a Russian bank last year via SWIFT system.

The Indian City Union Bank announced that cyber criminals compromised its systems and transferred a total of US$1.8 million.

Hackers continue to show a great interest in cryptocurrency.

  • Researchers with Cisco Talos have monitored a bitcoin phishing campaign conducted by a criminal gang tracked as COINHOARDER that made an estimated $50 million by exploiting Google AdWords.
  • A criminal organization has made $3.4 million by compromising Jenkins servers and installing a Monero cryptocurrency miner dubbed JenkinsMiner.
  • Hackers compromised a Tesla Internal Servers with a Cryptocurrency miner.

Google Project Zero hackers disclosed details of an unpatched vulnerability in the Edge browser because Microsoft failed to address it within a 90-day deadline.

Google white hackers disclosed also critical vulnerabilities in uTorrent clients that could be easily exploited by the researchers to deliver a malware on the target computer or view the past downloads.

The former NSA hacker and malware researcher Patrick Wardle spotted a new remote access Trojan dubbed Coldroot RAT. The Coldroot RAT is a cross-platform malware that is targeting MacOS systems and the bad news is that AV software is not able to detect it.

Intel released a stable microcode update to address the Spectre vulnerability for its Skylake, Kaby Lake, and Coffee Lake processors in all their various variants.

State-sponsored hackers are often active and are expanding their horizons:

  • North Korean APT Group tracked as APT37 broadens its horizons targeting entities in Japan, Vietnam, and even the Middle East last year;
  • Russia-linked Sofacy APT group shift focus from NATO members to towards the Middle East and Central Asia;
  • Iran-linked group OilRig used a new Trojan called OopsIE in recent attacks against an insurance agency and a financial institution in the Middle East.

Researchers at Fortinet have discovered the OMG botnet, the first Mirai variant that sets up proxy servers on the compromised IoT devices.

SamSam Ransomware hit the Colorado Department of Transportation Agency that shut Down 2,000 Computers after the infection.

FBI warns of spike in phishing campaigns to gather W-2 information.

Enjoy the video 😉

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – cybersecurity, cyberweek)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment