
Weekly Magazin 11/9/2020

Published by Helena Sec Ltd, 2020-09-10 16:12:50


Cyber News
SEPTEMBER 11th, 2020 | #17

HIGHLIGHTS
Back to school? Not so fast
A spike in Emotet attacks reported in France, New Zealand and Japan
Ransomware on the rise again
800,000 user records were breached from a webmaster forum
Windows 10 themes can be manipulated to cause credential theft
Adobe releases 18 critical security patches

MALWARES:
Back to school? Not so fast

After months of remote studies, students and their parents were eagerly awaiting the first day back of in-person schooling. However, on the morning of that day (September 8th), the people of Hartford, Connecticut, got the announcement that in-person learning would not resume due to a ransomware attack that impacted the IT systems of several Hartford Public Schools and of the bus company. Remote studies have also been suspended, and there is no current timeline as to when learning will resume.

www.helena-sec.com Helena-sec Helenasec

MALWARES:
A spike in Emotet attacks reported in France, New Zealand and Japan

A spike in Emotet infections has recently been reported in France, New Zealand and Japan. The Emotet malware has been in circulation since 2014, infecting numerous devices throughout the world. The malware is used to establish an entry point into an organization, which can later be sold to cybercrime organizations to distribute ransomware or carry out other attacks. The attack starts with a phishing email aimed at stealing credentials. After gaining access to an email account, the attackers reply to existing email threads and attach the malware files, thus infecting unsuspecting users.

Ransomware on the rise again

During 2020 there was a 7-fold increase in ransomware attacks throughout the world. Working from home increased the potential exposure of users, and hackers were quick to take advantage of that. Ransomware is growing not only in numbers but in complexity as well. New attack vectors and sticky ransomware are continuously being introduced, and older versions are not dismissed but are used for ransomware-as-a-service, making their developers even more money.

DATA BREACHES:
800,000 user records were breached from a webmaster forum

On July 1st 2020, security researcher Jeremiah Fowler uncovered an unsecured Elasticsearch database containing over 62 million records. Over 800,000 of these records belong to Digital Point, a leading webmaster community. The breach was made possible by an unsecured Elasticsearch database containing names, email addresses, internal user IDs, internal records and user post details. The breach was disclosed to the company, which immediately revoked access to the database.

SECURITY ATTACKS:
Windows 10 themes can be manipulated to cause credential theft

Windows 10 users can create their own themes, customizing colors, wallpapers, sounds, and mouse cursors. Users can save a theme and share it with others. Security researcher Jimmy Bayne recently revealed that by creating these personalized themes he was able to concoct a "pass the hash" attack, so that when a user installs the theme, their computer will attempt to access a remote authentication service. This is done in the background, and the user remains unaware of the attempt. In the meantime, authentication attempts are performed using the user's NTLM hash and login name, which are then harvested by the attacker for future use.

SECURITY VULNERABILITIES:
Adobe releases 18 critical security patches

Adobe released its largest set of patches for the Adobe Experience Manager (AEM) product, with fixes affecting Adobe InDesign, Adobe FrameMaker, and Adobe Experience Manager. The patches address several critical vulnerabilities that can result in JavaScript execution in the browser, execution with unnecessary privileges, and browser-based arbitrary HTML injection.

OUR WEEKLY RECOMMENDATION:
Critical vulnerabilities in software products have been exploited in the past, and will be in the future. It is advised to always keep all software well updated, both on your computers and mobile devices.

