Tag: Malware

Malware with your coffee? Starbucks customers sent to the virtual mines… to find bitcoins

By Cameron Abbott and Harry Crawford

“Free” Wi-Fi isn’t necessarily so. The Wi-Fi provided in a Starbucks store in Buenos Aires was recently discovered to be planting malware onto customers’ laptops. This is another lesson in how cybersecurity can affect even the most innocuous corner-store businesses.

Is nothing safe? New malware targets industrial control systems

By Cameron Abbott and Harry Crawford

I’m sure I saw this in Die Hard 4 but “life imitates art”. A new type of malware has been discovered in a very rare field of operation for hackers: attacking industrial control systems. Cybersecurity firm FireEye has been tight-lipped in detailing the attack, but has indicated that it was against “a critical infrastructure organization” which inadvertently caused operations to shut down. The attack is also reminiscent of the infamous “Stuxnet” virus that was used against Iranian nuclear power plants in 2010.

A New Type of Cyberattack: AI-Powered Cyberattacks

By Cameron Abbott and Harry Crawford

Researchers are warning that AI threatens to increase the sophistication and effectiveness of cyberattacks, according to a recent blog post by the Wall Street Journal.

Update everything: Discovery of Wi-Fi flaw in connected devices

By Cameron Abbott, Rob Pulham and Olivia Coburn

A Belgian researcher has discovered a weakness in WPA-2, the security protocol used in the majority of routers and devices including computers, mobile phones and connected household appliances, to secure internet and wireless network connections.

The researcher, Mathy Vanhoef, has named the flaw KRACK, for Key Reinstallation Attack.

Any device that supports Wi-Fi is likely to be affected by KRACK, although devices will have different levels of vulnerability depending on their operating systems. Linux and Android are believed to be more susceptible than Windows and iOS, and devices running Android 6.0 are reportedly particularly vulnerable.

Alarming number of Enterprise Cloud Services aren’t enterprise ready

By Cameron Abbott and Allison Wallace

A new report has revealed 95% of cloud services used by enterprises aren’t enterprise ready.

The January 2017 Netskope Cloud Report reveals a staggering 82% don’t encrypt data at rest, 66% don’t specify in their terms that the customer owns their own data, and 42% don’t allow administrators to enforce password controls.

Of malware found in cloud services, backdoors were the most common (43.2%), with others including adware (9.8%), JavaScript malware (8.1%) and ransomware (7.4%).

The report also shows an increase in the use of cloud services – with an average of 1031 cloud services in use per enterprise, up from 977 in the previous quarter. The retail, restaurant and hospitality industry was the biggest user of cloud services (1193), followed by financial services, banking and insurance (1132).

Oracle’s Point-of-Sale division targeted by professional hackers

By Cameron Abbott and Rebecca Murray

Oracle confirmed last week that its security was breached by a Russian organized cybercrime group infamous for hacking retailers and banks. Alarmingly, Oracle’s MICROS point-of-sale credit card payment system was one of the systems targeted in the attack. While the impact of the breach is still being investigated, the attack could have had wide impact. MICROS is one of the top three point-of-sale vendors worldwide and sells point-of-sale systems used at more than 330,000 cash registers globally.

It has been reported that Oracle became aware of the breach after its staff discovered malicious code on the MICROS customer support portal and systems. It is thought that the hackers installed malware on the troubleshooting portal in order to capture customers’ credentials as they logged in. Usernames and passwords could then be used to access customer accounts and remotely control MICROS point-of-sales terminals.

The attack has been linked to the Carbanak Gang, a crime gang which has been accused of stealing more than $1 billion from banks and retailers in the past. These guys clearly know what they are doing.

The biggest cyber security threats experienced by Australian organisations

By Jim Bulling and Michelle Chasser

The Australian Government’s Australian Cyber Security Centre (ACSC) has released its 2015 Cyber Security Survey: Major Australian Businesses. 149 organisations across a number of sectors, including banking and finance, defence and energy, responded to the survey, which provides some interesting insights into cyber security activity and concerns for the future.

According to the survey, the top 10 cyber security incidents experienced by respondents on their networks in the previous 12 months were:

  1. ransomware (72%)
  2. malware (66%)
  3. targeted malicious emails (59%)
  4. virus or worm infection (30%)
  5. theft of mobile devices and laptops (30%)
  6. trojan (27%)
  7. remote access trojans (20%)
  8. unauthorised access (25%)
  9. theft or breach of confidential information (23%)
  10. unauthorised access to information from an outsider (17%)

Gone in a ‘Flash’ – Google ditches Adobe for HTML5

By Cameron Abbott and Meg Aitken

Google has recently announced a plan to shift away from displaying ads built using Adobe Flash Player, instead opting for the HTML5 platform.

While the Adobe Flash plug-in technology has arguably been the premier tool for producing interactive media and animated video displays for some time, it has been criticised for employing inadequate security controls, leaving it susceptible to attacks by malware hackers.

Even Adobe itself is aware of the superior capabilities of HTML5. Adobe attempted to respond to the shift away from plug-in technology last year by rebranding the Flash Player and launching the ‘Animate CC’, which was touted as “Adobe’s premier web animation tool for developing HTML5 content while continuing to support the creation of Flash content”.

Google’s not sold, and has for some time been blogging to encourage advertisers to convert their Flash Player ads to HTML5 in order to influence a wider audience, even providing ‘how to guides’. From 30 June 2016, Google will no longer allow advertisers to upload new display ads built using Adobe Flash, and from January 2017, all ads built in the Adobe Flash format will not be supported by Google.

Access Google’s update here.

Malware attacks a Melbourne hospital’s outdated IT system

By Cameron Abbott and Meg Aitken

Don’t say we (and Microsoft) didn’t warn you: a prominent Melbourne hospital’s IT system, which runs on an outdated and unsupported Windows operating system, Microsoft XP, was hacked last week.

Microsoft recently activated the end-of-life phase for Windows 8, 9 and 10 and encouraged users to transition to the company’s supported operating systems in order to prevent security incidents. The same process was undertaken for Microsoft XP in 2014; however the hospital continued to use the platform in some departments.

The pathology department was the primary victim of the attack and staff were reportedly forced to manually process blood, tissue and urine samples while the electronic system was compromised. Fortunately, highly sensitive patient information is not believed to have been accessed by the hackers.

It has been reported that the hospital is now expediting plans to upgrade its IT systems.

Access the media release here.

Complex ModPOS Malware Infects Point-of-Sale Terminals in Lead up to Christmas Spend Frenzy

By Cameron Abbott and Meg Aitken

While the festive season approaches and retailers prepare for their busiest time of the year, a sophisticated form of point-of-sale malware, known as ‘ModPOS’, has reared its ugly head and is targeting payment terminals in the U.S.

It is estimated that the first ModPOS data hacks occurred in 2013 and that millions of credit and debit cards used at a broad variety of U.S. retailers have since been compromised. The unique complexity of the code, which experts say has never been seen before in malware, made it tricky to decipher.

Cyber security experts have warned that ModPOS has the ability to not only “scrape” credit and debit card numbers from the memory of point-of-sale terminals, but that the multifaceted code also records keystrokes of computer operators and transmits stolen data. If that isn’t enough, the malware is particularly difficult to detect and is reportedly capable of infiltrating despite security software and data controls.

More details about ModPOS malware can be found here.

Copyright © 2024, K&L Gates LLP. All Rights Reserved.