This week’s Knowledge Update talks about Zeus Panda targeting holiday shoppers, a severe security flaw has been found in a Windows 10 Password Manager and Western Retaliation over WannaCry.
Zeus Panda targeting holiday shoppers
With the online Christmas shopping spree underway, cyber criminals are seeking to take advantage of the increase in activity by infecting retail and travel sites with malware such as Zeus Panda, a banking trojan.
Proofpoint have reported that cyber criminals are spreading the malware to non-banking targets, consumers, and e-commerce users.
All devices should have anti-virus software installed and set up to update automatically. Alongside this, all software should be enabled to update automatically.
More information on how to protect your business can be found here.
Severe security flaw found in Windows 10 Password Manager
A researcher at Google has uncovered a severe security flaw within a password management tool that has been packaged with the Windows 10 Operating System.
Travis Ormandy from Google’s Project Zero revealed that the Keeper Password had been injecting ‘Privileged UI’ into different pages.
As Javvad Malik, security advocate, AlienVault, told SC Media UK: “All software will eventually have a vulnerability discovered at some point. Security software such as password managers are no exception to the rule. It is fortunate that researchers such as Tavis work to uncover and disclose such vulnerabilities. Keeper demonstrated it does take security seriously with an emergency patch issued within 24 hours of receiving the vulnerability report. A very quick turnaround by any measure.”
Ensure that your operating systems and devices are updated regularly, if not automatically. This will protect your organisation from the latest known flaws and vulnerabilities. It is also recommended that all default passwords should be changed and that updates should be applied regularly to devices. Information on what makes a strong password can be found here.
Western Retaliation over WannaCry
Intelligence services have indicated that the North Korean regime was responsible for the proliferation of the WannaCry ransomware attack that disrupted public services, companies and homes around the world in May.
The Foreign Office minister for cyber, Tariq Ahmad, said: “We condemn these actions and commit ourselves to working with all responsible states to combat destructive criminal use of cyberspace. The indiscriminate use of the WannaCry ransomware demonstrates North Korean actors using their cyber programme to circumvent sanctions.”
He added: “International law applies online as it does offline. The United Kingdom is determined to identify, pursue and respond to malicious cyber-activity regardless of where it originates, imposing costs on those who wish to attack us in cyberspace. We are committed to strengthening coordinated international efforts to uphold a free, open, peaceful and secure cyberspace.”
As strains of Ransomware develop and evolve it is increasingly important for businesses to regularly and securely back up their critical data. Businesses cannot rely on anti-virus alone to protect themselves from Ransomware, a guide to Ransomware can be found here: https://www.ncsc.gov.uk/WannaCry-guidance-for-home-users-and-small-businesses
Anti-virus software should also be installed on your device and automatic updates should be enabled. Anti-virus software’s can be used to detect and remove malware from your corporate network.
More information on flaws and the risks they pose can be found here.