Cybersecurity week Round-Up (2018, Week 3)

Cybersecurity week Round-Up (2018, Week 3) -Let’s try to summarize the most important event occurred last week in 3 minutes.

The week started with the discovery of a new variant of the dreaded Mirai Botnet dubbed Okiru, for the first time a malware targets ARC based IoT devices, billions of IoT devices are potentially at risk.

Kaspersky published a report on a powerful Android malware, dubbed SkyGoFree, developed for surveillance purposes by an Italian firm. The same malware was analyzed months before by researchers at CSE Cybsec in November 2017.

Interesting also the discovery of a new variant of the KillDist wiper that targeted Windows machines in financial institutions in Latin America.

Spectre and Meltdown continue to make the headlines, many users claim problems with the installed security patches.

While Oracle announces patches for the vulnerabilities affecting the Intel CPU,

SolarWinds reported severe performance degradation for its Amazon Web Services infrastructure.
Intel confirmed that Meltdown and Spectre patches have a variable impact and can cause unwanted reboots.
Red Hat reverts Spectre (CVE-2017-5715) security updates due to boot issues reported by customers

Crooks continues to focus their interest on cryptocurrencies. The BlackWallet.co web-based wallet application for the Stellar Lumen cryptocurrency suffered a DNS hijacking attack that resulted in the theft of $400,000

Security researchers at Check Point have spotted a malware family dubbed RubyMiner that is targeting web servers worldwide in an attempt to exploit their resources to mine Monero cryptocurrency.

This week emerged also the activity of Lebanese APT, dubbed Dark Caracal, that is operating at least since 2012 using a powerful Android spyware. Its arsenal also includes a Windows malware and the surveillance software FinFisher

Experts from Talos group published an interesting article on North Korea Group 123 involved in at least 6 different hacking campaigns in 2017 Last year

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – cybersecurity, cyberweek)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.