Cyber Security News (17th July 2018)

1. India Telecom Regulator: ‘Users Have Primary Data Rights’

Telecom Regulatory Authority of India Says, Organizations ‘should be restrained from using metadata to identify individual users.’

The Telecom Regulatory Authority of India (TRAI) has advised stricter rules around data protection and taken a stance on users’ information control: The institutions that collect and handle personal data do not have primary rights over that data, it reports.

The country’s telecom regulator also says its current framework for securing data is not up to par, according to a new report from Reuters. TRAI has requested the Indian government build a policy framework to regulate devices, browsers, operating systems, applications, and other technologies that collect and process user data.

In addition, it has recommended a study to create standards to de-identify personal data collected by connected devices, maintaining that organizations don’t have primary control over it.

TRAI’s news arrives shortly after the arrival of the European General Data Protection Regulation (GDPR).

 

2. Globally Gas Stations are Extremely Vulnerable to Internet of Things (“IoT”) Cyber Attacks

Internet of Things (” IoT “) is based on the existence of an interconnection of all kinds of everyday objects, such as a printer, a SmartTv, a refrigerator, a smart blind, a book, a thermostat, etc.

Any device that connects to the Internet, can involve a risk in terms of privacy and security or, always be around the question of what can happen if a cybercriminal took control of any of these devices, or simply do with the personal or public information.

The expert in computer security ‘Claudio Chifa’ has investigated and is referring to the safety of the automatic tank gauges of gas stations and related flaws of IoT devices used are surprisingly not has been corrected.

The report says that, neither the securitization of the devices nor their connection to the network is currently in the minds of many industrial deployments, such as the commented case of gas stations and industrial devices.

 

3. Ammyy Admin Compromised

Attackers compromised the official website of Ammyy Admin ( The service used for Remote Desktop Connection ) and made to serve a malicious version of Ammyy Admin instead of the legitimate one.

It appears the infected file served from the legitimate site between June 13 or 14, like the October 2015 incidents where the Ammyy Admin served with malicious codes linked with cybercrime group Buhtrap.

Security researches from ESET spotted the issue on June 13 midnight and it as was notified Ammyy.

Users who download the Ammyy Admin between June 13 or 14 also received a multipurpose Trojan and banking malware dubbed Kasidet bot.

Kasidet bot sold in various underground hacking forums and it was detected with the Ammyy[.]com between June 13 or 14.

It is capable of stealing files that contains password and data related to cryptocurrency wallets and accounts of the victims.

Cyber Security Tips:  

  • Do uninstall of Ammy admin software from your system as soon as possible and use any different RDC Service which would be more Secure.

 

 

4. Rewritten GandCrab Ransomware Targets SMB Vulnerabilities To Attack Faster

The latest version of the ransomware attacks system using SMB exploit spreader via compromised websites. The ransomware is adding new features every day to target different countries.

The attackers behind the ransomware are scanning the whole internet to find the vulnerable websites to unleash the attack. The latest version features a long hard-coded list of websites that were compromised and were used to connect with it.

To propagate via SMB exploits, entire code of the ransomware was rewritten, and the malware is now using EternalBlue National Security Agency (NSA) exploits to attack in a fast-paced manner.

According to several reports, this newest version of the ransom can spread itself via an “SMB exploit.” Interestingly, the same exploit was used to propagate WannaCry and Petya/NotPeta ransomware attacks last year.

Cyber Security Tips:  

  • Microsoft has pulled up its guard against the ransomware with MS17-010 security patch. To protect your system, ensure that the system is updated with the latest security patch.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: