Another Florida city endures a ransomware attack, EA Origin nearly gets compromised, the security problem with online video converters, and more in This Week in Cyber Security: where we highlight select top cyber security stories from each week and share them here. Don't forget to follow our daily blog for more in-depth cyber security and technology news.
If you would like to be the first to know about our Week in Cybersecurity reports and receive a FREE Webcam Cover, sign up here.
The Week of June 28th, 2019:
- Two Trojan malware attacks are making the rounds again under the names of LokiBot and Nanocore. Delivered via generic phishing emails, what makes these attacks so interesting is the type of file included in the attack. The malicious file is an ISO file, a type of disk image format, and not a typical Word doc or PDF document. ISO files are not a commonly used type of file format, increasing the chances of it slipping past many antivirus solutions. Within the ISO contains an executable file that activates the malware, so always be vigilant before opening any questionable attachments in your emails. (ZDNet Security)
- YouTube video-to-audio converter site OnlineVideoConverter (dotcom) has been infected by a malvertising attack. The website, which takes YouTube videos and converts them to downloadable mp3 files after inputting the URL, was found to contain a malware exploit kit called GreenFlash that allowed the advertisements to be infected by the Seon ransomware. Like a malvertising attack that happened on Forbes’ website years ago, the website was unknown of the malicious code and/or links that were hidden within their seemingly-normal advertisements. The attack has mainly only affected users in Asian countries, but the attack also sneaks in a cryptocurrency miner and data thievery threat,Pony. (Malwarebytes)
- Popular video game publisher Electronic Arts (EA) recently strengthened its security after detecting a vulnerability in its software platform, EA Origin, that could have potentially exposed more than 300 million users. Security researchers found that the security flaw, if left unpatched, could allow hackers to steal account user credentials by procuring a Single Sign-On authorization token without the user knowing. Thankfully, EA was proactive in isolating the vulnerability so no attackers could exploit it while they worked on a patch. (CNET Security)
- While the recent city-wide ransomware attack on the cities of Baltimore, MD and Riviera Beach, FL are still fresh in the memory, we now can add one more city to the infected list. The city of Lake City, Florida was hit with a ransomware attack on June 10th, with the attackers demanding a whopping $460,000 to regain access to their computer systems. On June 25th, the mayor agreed to pay the ransom, which aside from the police and fire departments, left the city without access to their email and other servers for over two weeks. (CBS 47 News, InfoSec Magazine)
- Ransomware has arguably been the largest and most buzz-worthy cybersecurity threat for years now, but security firm Trend Micro has released a new study that breaks down and ranks the threat by country. The United States ranked for the highest risk at 11% of ransomware attacks worldwide within the first three months of 2019. Brazil came in second at 10%, while India, Vietnam, and Turkey populated the rest of the top five countries. These rankings were determined by known distribution of ransomware attacks in Q1 2019 through email, URLs, and malicious files. (Trend Micro)
neoRhino’s Remote Managed Services and Advanced Security Packages are here so you can focus on your daily duties. You can relax knowing that we are here to protect you. Call us at (281) 779-4850 for a FREE consultation and we can help your business today.