16 February 2018
Mining Malware Tsunami Continues: ‘5000’ High-Profile UK Websites Hit By Tainted Plugin
More than 5,000 websites have been hacked to force visitors’ computers to run software that mines a cryptocurrency. Users loading the website of ICO, Student Loan Company and many more, had their computer’s processing power hijacked by attackers. Malicious code for software known as “Coinhive” a program advertised as ‘a crypto miner for your website’ would start running in the background until the webpage is closed. The Coinhive script was inserted into a popular third-party accessibility plugin “BrowseAloud” which is used to help blind people access the web. Government website continue to operate securely. At this stage there is nothing to suggest that the public data is at risk. The news comes amid multiple warnings of similar malware propagation throughout the world, including Monero mining malware infecting Android devices this month.
Kaspersky Lab finds a flaw that leaves some gas stations vulnerable to hackers
A security company has found several “unknown vulnerabilities” in the software of gas stations around the world. Vulnerabilities were found in an embedded gas station controller of which there are currently over 1,000 installed and online. The controller, which runs a Linux machine, operates with high privileges and researchers discovered many vulnerabilities that leave the device and the systems it is connected to open to cyberattack. According to Kaspersky Lab, an “intruder” who is able to bypass the login screen and gain access to the main interfaces would be able to shut down all fuelling systems, change the fuel prices, cause fuel leakages, circumvent payment terminals to steal money (the controller connects directly to the payment terminal, so payment transactions could be hijacked), execute code on the controller unit and move freely within the gas station network.
'Russian military behind NotPetya attacks': UK officially names and shames Kremlin
After blaming North Korea for WannaCry, UK now officially pins crippling NotPetya attacks on Russia. The attack showed a continued disregard for Ukrainian sovereignty. Its reckless release disrupted organisations across Europe, costing hundreds of millions of pounds. Initially NotPetya was thought to be ransomware, but security researchers quickly concluded it was more likely to be destructive malware designed to wipe systems. The UK's National Cyber Security Centre (NCSC) revealed it came to the same conclusion, noting that the malware was only masquerading as ransomware and its main purpose was to disrupt. The NCSC said the Russian military was "almost certainly responsible" for the NotPetya attack. However, Russia and North Korea have consistently denied responsibility for the NotPetya, WannaCry, and other cyber attacks.
Looking for love on valentine's day? Email scams target singles looking for romance
Valentine’s Day can be hard for singles, and zombie bots are hoping to take advantage of those feeling particularly lonely. IBM X-Force reported an increase in dating spam issuing from the Necurs botnet. The uptick started in January and is expected to increase as Valentine’s Day nears. The Necurs botnet is the world’s biggest source of spam. You can thank the bot for malware that steals your bank information, fake dating ads, stock scams, work from home schemes and other phishing expeditions. The Necurs dating spam sends out 30 million emails a day posing as Russian women living in the United States who are looking for true love. Generally email scams are thought to be riddled with typos and errors, but these emails seem almost like regular human conversation. The people behind the campaign ask for revealing photos, seek money for a supposed visit or infect computers with malware.
Police Outsource Digital Forensic work to Unaccredited Labs
At least 15 police forces, including Greater Manchester police and the Metropolitan police, have outsourced digital forensic investigative work to unaccredited labs in the past year, at a time when a series of rape cases have been abandoned because of problems with digital evidence. The collapse of four trials within two months because digital forensic evidence had not been shared with defence teams has shaken confidence in the criminal justice system and triggered a review of thousands of rape cases by the Crown Prosecution Service. Concerns have emerged about the quality of digital forensic evidence being used to prosecute serious crimes, including rape and child abuse. The digital forensics market is described as a “race to the bottom”, as police contracts are awarded to the cheapest providers regardless of minimum quality standards set by the government.
PyeongChang 2018 Winter Olympics Opening Ceremony Disrupted by Malware Attack
The Pyeongchang Winter Olympics taking place in South Korea was disrupted following a malware attack before and during the opening ceremony. The cyber-attack concurred with 12 hours of downtime on the official website for the Winter Games, the collapse of Wi-Fi in the Pyeongchang Olympic stadium and the failure of televisions and internet at the main press centre, leaving attendees unable to print their tickets for events or get venue information. The Pyeongchang Winter Olympics organizing committee confirmed that a cyber-attack hit its network helping run the event during the opening ceremony. Multiple cybersecurity firms published reports suggesting that the cause of the disruption was a destructive wiper malware called the “Olympic Destroyer” that had been spread throughout the Winter Games' official network using stolen credentials.
Cyber Security training from QA
QA have uniquely positioned themselves to help solve the Cyber skills gap from our CyberFirst and Cyber Apprenticeship programmes and Cyber Academies to Cyber Challenges, Training and Certifications and Consultancy for Cyber Security. They offer end-to-end Cyber training and certifications from Cyber Awareness to deep dive Cyber Programmes and solutions; from Cyber Investigations, Cyber Crisis Management, Proctive Security to Offensive Defence. QA only employ world leading Cyber trainers who have the expertise to deliver bespoke Cyber solutions, GCHQ accredited courses and proudly the CyberFirst programme. This is all to support in tackling the UK's National Cyber Security skills shortage.
QA also have state-of-the-art Cyber Labs, where companies can simulate real-life Cyber-attacks on their infrastructure, helping them to prevent & combat breaches without risking their own network.
Visit cyber.qa.com for more information on how to solve your Cyber Security skills gap