It is of utmost importance for you to stay abreast of the latest hacking plots if you want to keep your devices safe from the latest attacks happening around the world. The following headlines serve this purpose of providing phishing prevention tips:
Nefilim Ransomware Proves A Threat
Newly discovered ransomware Nefilim that uses a combination of AES-128 and RSA-2048 algorithms is causing much havoc by threatening to release stolen data. Spreading through exposed remote Desktop Services, Nefilim removes the Ransomware-as-a-Service (RaaS) component and depends on emails for payments rather than a Tor payment site.
Like its counterparts, Nefilim is on to continue the ‘Name and Shame’ game of attackers, but with the right measures, protection against an attack of this kind can be achieved.
New Vulnerability In Intel Processors
A new variant of Snoop-assisted L1 Data Sampling with a CVSS score of 5.6 is posing a threat to Intel processors. The vulnerability can leak data from the CPU’s internal memory by exploiting CPU mechanisms such as multiple cache levels, cache coherence, and bus snooping.
Assigned CVE-2020-0550, the vulnerability is believed to be a variant of a domain-bypass transient execution attack
However, security solutions have been deployed by the CPU maker. They have released patches in August 2018, which can fix the issue, although retrieving lost data remains a challenge.
Data Breach At DuPage College
The College of DuPage recently notified it of having undergone a cyber attack, which has compromised the personal and tax information of 1,755 of its present and former staff members. Although they didn’t mention any of the intricate details of the attack, they apologized for any loss caused to anybody and are offering free credit monitoring to over 1,700 current and former employees.
Brian Caputo – the College president notified that the lost data also included 2018 W-2 tax forms and could be possibly used by attackers for frauds. The college is now being extra cautious and adopting measures to safeguard their interests.
Covid-19 Related Cyber Scams On Rising
The people have been warned ample times to stay on guard for Corona Virus related security scams. The Chartered Trading Standards Institute (CTSI) says that the attackers are exploiting grievances of households with fake emails impersonating the Government, offering them the tax rebate. The counterfeit emails lure people with temptations and manipulate them into clicking links to receive the money.
Clicking the link needs you to enter your personal and bank details, which are all that hackers need. There are also fake smartphone apps, such as CovidLock, which demand ransom to unlock a user’s phone. To protect yourself from phishing, stay vigil, and prepare for increased remote working.
Data Breach At European Union
Bob Diachenko led security team of Comparitech discovered a database hosted by Amazon Web Services left unprotected online, which exposed around eight million retail sales records from the European Union. The exposed MongoDB database included customer names, email addresses, shipping addresses, purchases, and the last four digits of credit card numbers.
Although the exposed details are not enough to launch a full-fledged attack, they are still an asset for the attackers. This is an indication for people to strengthen their phishing email prevention measures. The database owner, too, has been notified to shut it down immediately.
Email Phishing Rises At SLC
More than 5 million email phishing attacks were launched on the Student Loans Company (SLC) in 2019, 91% of which was blocked by the firm. This speaks of the vulnerability level of the UK based fund providing body. SLC is a lucrative target for attackers because a successful attack would give them access to the personal and financial information of millions of UK students.
Corona Virus – The Ransomware
As the world struggles with the Corona Virus, hackers use the fear endlessly to launch cyber attacks, the most recent being named after the virus itself! Distributed as an infected website that impersonating a WiseCleaner ad, Corona Virus (the ransomware) infects a device and injects the information-stealing tool Khalesi or Kpot trojan.
The Corona Virus ransomware is a wiper and downloads additional files from a remote website, once installed. It is capable of stealing web browser data, email, instant messengers, VPN, cryptocurrency, RDP, FTP, gaming software, and account information, along with secretly taking screenshots of the desktop and targeting crypto wallets stored on the device.
Data Breach At Truefire
Florida based online guitar lesson provider TrueFire discovered a data breach in its system on 10th January 2020. The company provides online guitar lessons to millions of students globally. However, it is only after two months that the company decided to let the public know about a breach in its system that went on for six months before detection.
TrueFire’s Chief Customer Officer Ren Wright, in a data breach notification letter on 9th March 2020, notified users who made purchases between 3rd August 2019, and 14th January 2020, of a possible compromise of their data. This data includes their names, addresses, payment card account numbers, card expiration date, and security codes.
The company has neither taken any anti-phishing protection measures nor extended free credit monitoring to affected customers. It has merely advised customers to review their credit and debit card statements and check for any unusual activity.
Security Breach At Open Exchange Rates
Currency Data Provider, Open Exchange Rates, notified of a data breach last week. They discovered the violation while trying to solve a network issue. Their research revealed that the attacker gained access to their database on 9th February 2020. The exposed information includes names, email addresses, encrypted/hashed passwords, App IDs associated with users’ accounts, IP addresses, personal and business names and addresses for some users, including the country of residence.
To ensure protection against phishing, Open Exchange Rates has forced a password reset for all accounts created before 2nd March 2020 and has advised users to generate new API IDs using the account dashboard to access the service.
Beware Of MonitorMinor
The stalkerware MonitorMinor can track user activity of Gmail, WhatsApp, Instagram, Facebook, LINE: Free Calls & Messages, Zalo – Video Call, Kik, Hangouts, Viber, Hike News & Content, Skype, Snapchat, JusTalk, and BOTIM users.
MonitorMinor is commercial monitoring software or spyware and is considered to be more powerful than all existing stalkerware. It can gather the victim’s current geolocation, intercept SMS and call data, and implement geofencing features. It also allows spying on other communication channels such as instant messaging applications.
It is all the more dangerous as victims cannot remove the spying software using regular OS tools. The highest installation of MonitorMinor has been in India and Mexico, followed by Germany, Saudi Arabia, and the UK. Evidence also hints towards the Indian origin of the stalkerware.