ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
The latest In Case You Missed It (ICYMI) looks at CEO whaling victim; Unpatched zero-day; Passwords dropped; Self-propagating ransomware; USB charging hack
Whaling attack (Euros)
Following a successful whaling attack in January which cost FACC €40 million, the company has sacked both its CFO and CEO.
FACC Operations GmbH is an Austrian company that produces spare parts for major aircraft manufacturers. In January it revealed that it had been the victim of an email fraud in which it lost €50 million (£38 million) as a result of the CEO falling for a whaling attack though some has since been recovered. More
Trustwave has found a zero-day exploit affecting all versions of Microsoft's OS Windows, all the way from Windows 2000 up to a fully patched version of Windows 10 including all server editions. It estimates that this affects 1.5 billion computers globally.
The company provides threat intelligence services and regularly monitors several forums, and it is through this it discovered the exploit which was found on a Russian speaking forum and is currently being offered for sale for £62,000 ($US 90,000). More
Microsoft is dynamically banning common passwords and using smart password lockout to protect users and passwords in the Microsoft Account System and private preview Azure AD.
The Azure AD Identity Protection team keeps updating the list of common password continuously to prevent users from choosing known easy passwords - such as Password. Microsoft is also making sure users are not locked out if bad guys are trying to guess passwords online. Microsoft says it can can determine the risk associated with a specific login session using data on where the person is logging in and what network they are using, and so can lock out suspected intruders, but allow legitmate users to login if they are using their own device on an internet network they have used before. More
A new version of ransomware, dubbed Ransom:Win32/ZCryptor.A, that is able to move itself from computer to computer is hitting Microsoft Windows users.
Microsoft's Threat Research & Response blog issued an alert to its customers on 26 May warning them of the bug, ZCryptor. The nastiest aspect of this piece of malware is its ability to reproduce and then spread to other systems through removable media devices, such as flash drives, as well as network drives. This capability is not often seen, noted Trend Micro researcher Michael Jay Villanueva. More
Experts at Kaspersky Lab tested a variety of smartphones with Android and iOS operating systems to comprehend what data is transferred when connected to a Mac or PC USB port and discovered that a whole slew of data transfers to the computer while the two devices are connected.
“Using just a regular PC and a standard micro USB cable, armed with a set of special commands, Kaspersky experts were able to re-flash a smartphone and silently install a root application on it. This amounts to a total compromise of the smartphone, even though no malware was used,” Kaspersky said. More