The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst with a passion for all things security. Any questions? Just ask.
Exploitable Backdoor Found in Western Digital NAS Drives
Western Digital has recently released numerous patches for the vulnerabilities that were found and reported to the vendor nearly six months ago. The prominent issue revolved around a hard-coded administrative backdoor that could allow attackers to remotely execute files on the drives. Unfortunately for Western Digital, this series of vulnerabilities comes not long after the same generation of drives were found with 85 different exploits (and the company waited to push out patches until after the exploits had come to public attention.)
Welsh Restaurant Closes After Cyberattack
In the past month, the owner of a Welsh restaurant has been struggling to keep the doors open on the Seafood Shack following a cyberattack that completely cleared out the restaurant’s reservation system in the weeks before to Christmas. The restaurant is currently closed after nearly a month without patronage. The systems weren’t being monitored manually, so every diner’s booked tables were left empty. In addition to the cyberattack, the restaurant also faced licensing issues after a supervisor left their employ.
Winter Olympics Organizers Targeted by Phishing Attacks
Officials working on the Pyeongchang Winter Olympics have been under a constant stream of phishing attacks disguised as Microsoft® Word documents from a South Korean intelligence agency. The documents work like normal ones, but request that the user enable macros to launch a PowerShell script. Another version of the malware even bypassed the need for user permission, and instead waited for the user to click the .docx icon to change the language to Korean before launching the same PowerShell script.
Older Zero-Day Exploit Released on New Year’s Eve
In an unusual finish for 2017, one researcher chose to release a 15-year-old macOS® exploit into the wild. The exploit requires local access to the device, but, once active, would give any attacker full root access to the machine after the user logged out of their session. Even though all Mac® operating systems are susceptible to this vulnerability, it’s only a matter of time until Apple steps in and corrects the issue and give their massive client-base some piece of mind.
Opera Browser Implements Anti-Cryptojacking Functions
With the recent emergence of cryptojacking (i.e., exploiting an unwitting user’s CPU to mine cryptocurrency while they visit a hijacked website), Opera has taken a stand and implemented crypto-mining protection called “NoCoin” in their current ad blocking filter. NoCoin works by detecting any mining activity on a visited website and stops the mining, freeing up the system’s processor for actual user-initiated applications.