This Week in Security News: Ransomware Campaigns Persist with WannaCry as Most Common
Credit to Author: Jon Clay (Global Threat Communications)| Date: Tue, 03 Sep 2019 17:36:02 +0000
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how a total of 118 new ransomware families emerged in the first half of 2018, but only 47 new ones debuted in the first six months of this year, according to Trend Micro’s 2019 Mid-Year security report. Also, read on about how Trend Micro was once again named a Leader in Gartner’s 2019 Magic Quadrant.
Read on:
Trend Micro Named a Leader in 2019 Gartner Magic Quadrant for Endpoint Protection Platforms
Trend was named a Leader in Gartner, Inc.’s 2019 Magic Quadrant for Endpoint Protection Platforms in evaluation of its Apex One endpoint security solution. Trend has been named a Leader in every Gartner Magic Quadrant for this category since 2002.
Three Common Email Security Mistakes that MSPs Make
MSPs can generate recurring revenue by being proactive about educating customers about email threats and how to defeat them—if they avoid three common mistakes: failing to educate customers, placing too much faith on end-user training and leaving service revenue on the table.
WannaCry Remains No. 1 Ransomware Weapon
According to Trend Micro’s 2019 mid-year security report, WannaCry remains the most commonly detected ransomware by far: about 10 times as many machines were found targeted by WannaCry in the first half of this year than all other ransomware variants combined. Bill Malik, vice president of infrastructure strategies at Trend Micro, discusses the prevalence of this ransomware and how it works.
TA505 at it Again: Variety is the Spice of ServHelper and FlawedAmmyy
TA505 continues to show that they intend to wreak as much havoc while maximizing potential profits. Just like in previous operations, this cybercriminal group continues to make small changes for each campaign such as targeting other countries, entities, or the combination of techniques used for deployment.
‘Heatstroke’ Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information
Heatstroke demonstrates how far phishing techniques have evolved — from merely mimicking legitimate websites and using diversified social engineering tactics — with its use of more sophisticated techniques such as steganography.
Hackers to Stress-Test Facebook Portal at Hacking Contest
Hackers will soon be able to stress-test the Facebook Portal at the annual Pwn2Own hacking contest, following the introduction of the social media giant’s debut hardware device last year. Introducing the Facebook Portal is part of a push by Trend Micro’s Zero Day Initiative, which runs the contest, to expand the range of home automation devices available to researchers in attendance.
Fortnite Players Targeted by Ransomware via Fake Cheat Tool
An open-source ransomware variant called “Syrk,” based on the source code of the Hidden-Cry ransomware, was found pretending to be a cheat tool that improves the accuracy of a player’s aim and provides visibility over other players’ location on the map. Upon infection, a ransom note will demand payment from victims in exchange for a decryption password.
Cybercriminal Group Silence Has Reportedly Stolen US$4.2 Million from Banks So Far
Contrary to their moniker, the Silence cybercriminal group has been reported to be actively targeting banks and financial institutions in more than 30 countries. Silence reportedly stole US$4.2 million from June 2016 to August 2019.
US Cyberattack Damaged Iran’s Ability to Target Oil Tankers, Report Says
A database used by Iran’s paramilitary arm to devise attacks against oil tankers was wiped out by a US cyberattack in June, temporarily reducing Tehran’s means of targeting Persian Gulf shipping traffic.
Nemty Ransomware Possibly Spreads through Exposed Remote Desktop Connections
A new ransomware family dubbed “Nemty” for the extension it adds to encrypted files has recently surfaced. According to a report from Bleeping Computer, New York-based reverse engineer Vitali Kremez posits that Nemty is possibly delivered through exposed remote desktop connections.
Abuse of WS-Discovery Protocol Can Lead to Large-Scale DDoS Attacks
Security researchers have discovered that attackers can abuse the Web Services Dynamic Discovery (WS-Discovery) protocol to launch massive distributed denial of service (DDoS) campaigns. These researchers have issued a warning after seeing cybercriminals abuse the WS-Discovery protocol in different DDoS campaigns over the past few months.
Phishing Attack Tricks Instagram Users via Fake 2-Factor Authentication
Although 2FA remains a valid and highly useful tool, Instagram users should not be complacent and rely on it alone, especially when fake 2FA notifications can be used for malicious purposes. In this blog, Trend Micro recommends some best practices users can combine with their existing security tools to help protect against phishing.
Q&A: In a Cloud-Connected World, Cybersecurity is Key
Cloud computing is becoming a critical tool for business, in terms of storing an assessing data. With the increases use of the cloud comes greater security risks. Mark Nunnikhoven, vice president of cloud research at Trend Micro, assesses the solutions.
Will you be following Trend’s best protection practices when playing Fortnite or using Instagram? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Ransomware Campaigns Persist with WannaCry as Most Common appeared first on .