German Hospitals Latest Ransomware Target

In the past week, several German hospitals have reported ransomware attacks on their internal systems. While one of the hospitals was able to minimize the damage by isolating the infected server, Lukas Hospital wasn’t as fortunate, as their system had been encrypted before they could react properly. Fortunately, the hospitals in question were able to restore the lost data using backups that are performed regularly.

https://www.helpnetsecurity.com/2016/02/26/crypto-ransomware-hits-german-hospitals/

China Accused of Hacking Norwegian Companies

Recently, the head of Norwegian Intelligence publicly accused Chinese hackers of accessing highly valuable military information. This accusation is based upon the methodology typically used by Chinese hackers and on evidence including the geolocation of IP addresses, the language used in the code, and the types of malware that were used. Currently, it is thought that the intrusion began with a targeted spear-phishing attack on several companies, though no official source has confirmed it.

http://www.scmagazine.com/norway-officially-accuses-china-of-stealing-military-secrets/article/479574/

DROWN Attacks Leave HTTPS Servers Defenseless

Researchers have recently discovered a new method for man-in-the-middle attacks between clients and an SSLv2 server. SSLv2 is no longer up-to-date, but it is still widely used. Unfortunately for end users, there is little that can be done if the system admins haven’t ensured the vulnerability is resolved, though discontinuing use of SSLv2 would eliminate this type of threat completely.

https://www.helpnetsecurity.com/2016/03/01/drown-attack-breaks-tls-encryption-one-third-of-all-https-servers-vulnerable/

Software Updates, The Backdoor To Your System

Every computer runs system or software updates, often without the express consent of the user, but this could have unexpected results. With the proper access to push the update and a way to make it appear authentic, an attacker could send malicious content while seeming to pose no threat to the system. While nearly every operating system has this type of failure point, more and more developers are working towards ensuring updates are only installed when they are properly signed.

http://arstechnica.com/security/2016/02/most-software-already-has-a-golden-key-backdoor-its-called-auto-update/

Wendy’s Breach Affecting Financial Institutions

It was recently found that several Wendy’s locations had been targeted by a point-of-sale malware attack, used to steal customer credit card information. The breach has been larger in scale than previous attacks, and it appears the money being drained from the accounts is in significantly higher amounts. It is currently unknown how many locations have been affected, but it’s likely to be the stores that are using the older card-swipe method over the improved chip-card reader.

http://krebsonsecurity.com/2016/03/credit-unions-feeling-pinch-in-wendys-breach/

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.
