The details of the Baltimore RobbinHood ransomware attack, a new Intel CPU threat to rival Spectre & Meltdown, Instagram influencer privacy issues, and more in This Week in Cyber Security: where we highlight select top cyber security stories from each week and share them here. Don't forget to follow our daily blog for more in-depth cyber security and technology news.

The Week of May 24th, 2019:

  • Connectwise Manage, a remote monitoring and business program used by businesses around the world, was involved in a ransomware attack in Europe. According to Connectwise, no data was lost and no EU compliance-related data problems occurred. The company stated that the threat came from outside cloud testing and completely rebuilt, scanned, and setup new servers for their cloud infrastructure in various regions, including North America. Multiple additional security layers have been implemented, all passwords within that infected environment were reset, and Connectwise has prohibited all offsite system testing going forward. (MSSPAlert)
  • More information about the RobbinHood ransomware attack on Baltimore, MD a few weeks ago has divulged. The attack that took place on Baltimore’s servers remains anonymous, but the hackers demanded payment in Bitcoin, 13 bitcoins to be exact – the equivalent of about $100,000, which City Mayor jack Young refuses to pay. However, RobbinHood is so powerful that access to Baltimore’s server data is impossible without a digital key that as of now, has not been replicated. The city has turned to cybersecurity experts and the city of Atlanta to help them mitigate the attack, who also suffered a similar ransomware attack in March 2018 that reportedly cost $17 million to recover from. (NPR)
  • Speaking of cryptocurrency, a fake app in the Google Play Store has been phishing users out of their bitcoin and various other types of cryptocurrencies. At its surface, the app Trezor seems like it was safe enough, giving users the ability to manage multiple forms of cryptocurrency in one interface (or wallet). However, a fake app called Coin Wallet impersonated Trezor, scamming the users out of their money and places it into an attacker’s wallet instead. Both apps have been removed from the Google Play Store, however Trezor stated that users should monitor their email accounts for suspicious activity after the attack. (InfoSec Magazine)
  • If your computer is powered by an Intel CPU, you should be on the lookout for a new threat called ZombieLoad and could parallel the effects of other major attacks such as Spectre and Meltdown. The bug could potentially affect all Intel processors made since 2011, which includes including all Macbooks, a large sum of Windows PCs, Linux servers, Chromebooks, and even cloud-powered virtual machines. The good news is that Intel, Google, Microsoft, and Apple have all issued patch updates for the flaws, of which Google’s OS update, Chrome OS 74, disables hyper-threading to prevent the security risk. (Tom’s Guide)
  • Are you an Influencer on Instagram? Then your information may have been exposed. An independent cybersecurity researcher found that a cloud database containing information of over 49 million Instagram users, including brand accounts, was left exposed for over 72 hours. Chtrbox, the owner of the database, claims that their database “does not contain any sensitive personal data and only contained information available from the public domain, or self-reported by influencers.” Regardless, change your password and watch your Instagram account for strange activity. (TechCrunch)

neoRhino’s Remote Managed Services and Advanced Security Packages are here so you can focus on your daily duties. You can relax knowing that we are here to protect you. Call us at (281) 779-4850 for a FREE consultation and we can help your business today.