There’s a lot that happens in the security world, with many stories getting lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week.
MySpace Hack Could Be Largest in Recent History
Recently, LeakedSource announced that they had obtained the login credentials for over 300 million MySpace users. While the leaked database doesn’t show the full credentials for every user (as some usernames/passwords were missing), over 100 million of the passwords had a username attached. Along with posting the entire dataset, LeakedSource also posted the top 50 passwords being used and their frequency of use.
http://www.itnews.com.au/news/myspace-breach-potentially-the-largest-ever-420184#ixzz4A9aotQr4
Majority of Phishing Emails Contain Ransomware
This week, PhishMe published a report showing that a staggering 93% of all phishing emails contained a dropper for some version of ransomware. This number, which contributes to the overall steady increase in phishing attempts (which have risen nearly 800% since the end of 2015), is likely as high as it is thanks to ransomware becoming increasingly easy to deploy and having a high success rate for extortion. With these numbers always on the rise, it’s important to remain vigilant for any suspicious emails containing attachments, especially ones asking for sensitive information.
http://www.csoonline.com/article/3077434/security/93-of-phishing-emails-are-now-ransomware.html
TeamViewer Possibly Hacked, Main Site Goes Offline
In news that has spread quickly over the past week or so, many users have claimed to have been hacked via TeamViewer, which has led to thousands of dollars of fraudulent charges being attained in only a few hours. According to many of the victims, the attacks took place in the early morning hours, with PayPal transfers to offshore accounts ranging from several hundred to several thousands of dollars. TeamViewer’s response to these claims has been the denial of any security issue. Rather, they’re stating that a DNS issue was at fault for their site and services being offline.
New Ransomware Variant Acts Like Virus
In the past week, a new form of ransomware, which behaves like a traditional computer virus by copying itself to new drive or network locations to continue propagating itself, was discovered. The variant, ZCrypt, comes through like typical ransomware via an email attachment from a seemingly harmless sender. It then requests downloading a zip file, which launches an executable of the same name (usually an Invoice or Order form), and displays the ransom splash screen.
https://nakedsecurity.sophos.com/2016/06/01/zcrypt-the-ransomware-thats-also-a-computer-virus/
Lenovo Warns of Security Flaw in Pre-Installed Software
This week, Lenovo has strongly recommended that all users should remove the pre-installed Accelerator Application from their computers, as the software makes no security checks when searching for and downloading updates. Amongst the flaws, the application doesn’t use encryption when making outside connections to download updates, nor does it check the validity of digital signatures for said updates, leaving users open for man-in-the-middle attacks during the time the system makes these update checks.
My computer was attacked by a virus and after Webroot stopped it, the IE history, when used, will not stop deleting on its own.
Angie,
This is not an issue I have experienced or encountered before. I would advise reaching out to our support team so they can take a deeper look and figure out why you are seeing this resets. It could be a setting within internet explorer that is causing this. You could also try resetting internet explorer by clicking tools, navigating to internet options, clicking the Advanced tab, and then the “Reset…” button. If this does not work, reach out to support and we can get this squared away for you.
Support Number: 1-866-612-4227
Support Ticket: https://detail.webrootanywhere.com/servicewelcome.asp