- MongoDB Databases held for Ransomware
A hacker going by the handle Harak1r1 is accessing, copying and deleting unpatched or badly-configured MongoDB databases and then threatening administrators to ransom in exchange of the lost data. According to recent statistics compiled by Merrigan, the number of compromised systems has reached more than double to 27,000, over the course of about 12 hours. Using misconfigured MongoDB databases are the reason for this sudden spurt in these attacks.
Cyber Security Tips: Enable authentication that provides you ‘Defense in depth’ if your network is compromised. Use firewalls. Administrators are strongly recommended to update MongoDB software to the latest release.
- New Ransomware Campaign Targets Only HR Departments
A recent ransomware campaign is targeting corporate Human Resources (HR) departments. The attack first starts with the emails that are designed to mimic the job applications, these contain a brief message from the alleged applicant, and also two attachments which are there to lead to the ransomware. According to the Check Point researchers, this campaign targets HR departments because the people who work in the HR department cannot avoid opening the emails and attachments they received from strangers. The malware campaigning here we are talking is distributing the GoldenEye ransomware family, which is a child of Petya and Mischa, a malware duo emerged back in the spring of 2016.
Cyber Security Tips: Don’t open emails from stranger, and if you have to open it because of any reason then avoid opening any attachments which are there.