CyberSecurity Pulse 2017-01-09
“Sometimes you win, sometimes you learn.”
John C. Maxwell
DHS-FBI Report Details Russian Malicious Cyberactivity
"The US Government confirms that two different Russian Intelligence Services (RIS) affiliated groups were involved in an attack against the Democratic National Committee (DNC). The JAR notes that one group, identified as APT28, hacked the DNC in the summer of 2015, while APT 29 breached the DNC in Spring 2016", the report states. But where is the explanation of the attribution?
The public was looking for evidence of the attribution, and the White House and the DHS/FBI made clear that this report is about how the DHS/FBI confirms that APT28 and APT29 are RIS groups that compromised a political party. The intelligence community has found itself in this position before, including when it attributed a highly destructive attack on Sony Pictures Entertainment in 2014 to North Korea. It is one of two things: either there are sources or processes of obtaining information that need to be protected and that have not been fully detailed in the report, or this is the perfect excuse to sanction Russia.
U.S. Prosecutors Charge Three Chinese Hackers With Insider Trading
US federal prosecutors charged three Chinese nationals with hacking the networks of US-based international law firms in order to use confidential information from those firms for insider trading, making more than $4 million from the scheme, according to a statement by the US Attorney’s Office. After successfully compromising two law firms, the group allegedly bought shares in companies that were about to be acquired or that planned to acquire other firms, and then sold those shares once the M&A deals were publicly announced.
Ransomware Infected an LG Smart TV Again
The most recent incident involved an LG smart TV: software engineer Darren Cauthon reported that the device of one of his family members was infected with ransomware on Christmas Day. The TV was infected when the programmer’s wife downloaded an app to the TV promising free movies. However, the promise was just bait: the app turned out to be ransomware that demanded US$500 to unlock the device. The ransomware appears to be a version of the Cyber.Police ransomware, also known as Flocker and Frantic Locker.
Rest of the Week's News
Recent Power Outages in Turkey Were Also Caused by Cyberattacks
According to Turkish Energy Minister Berat Albayrak, Istanbul and other areas in Turkey have been experiencing power outages since last week. The power outages were caused by sabotage of underground power lines and cyberattacks originating in the US. "These attacks have been carried out systematically on different parts of the Energy Ministry, but we have repelled them all", he explained.
Someone Hijacking Unsecured MongoDB Databases for Ransom
Nearly 200 MongoDB installations have been erased and held for ransom. A security researcher has discovered that almost 600 terabytes of data in MongoDB instances can be accessed without authentication. MongoDB has resolved the issue in a new release by setting unrestricted remote access by default in the configuration, although thousands of site administrators have not updated their servers yet.
Attackers Use Super Mario Run to Spread Malware
Nintendo recently released Super Mario Run for the iOS platform. In no time, the game became a sensational hit on the iTunes store. However, there is no official Android version yet, and some actors are exploiting that gap to spread malware posing as an Android version of Super Mario Run.