A new widespread ransomware is spreading like in Europe. Named “Bad Rabbit,” is reportedly a new Petya-like targeted ransomware attack demanding 0.05 bitcoin as ransom from victims to unlock their systems.
The ransomware was distributed via download attacks, using fake Adobe Flash players installer to lure victims’ in to install malware unwittingly. Users should not install any software they are prompted to without their intervention.
A vulnerability in the WPA2 wireless protocol called Krack potentially allow attackers to eavesdrop on wireless connections and inject data into the wireless stream in order to install malware or modify web pages.
To protect yourself, many Wi-Fi product vendors will be releasing updated firmware and drivers for their products. It is strongly recommended that users update their hardware or have it updated as soon as a update is available in order to protect themselves. This includes router firmware and wireless network card drivers.
The October 2017 Patch released this past Tuesday, addresses important security issues including a Word zero-day vulnerability. Users who are not on auto updates should install them immediately.
Adobe just released its monthly security updates and this month the company patched vulnerabilities in three products — Adobe Flash Player, Adobe ColdFusion, and Adobe RoboHelp. Adobe patched eight security bugs ; two in Flash Player, four in ColdFusion, and two in RoboHelp.
The new campaign was discovered by App River. Potentially 23 million of emails were sent with subjects such as ‘please print’, ‘documents’ and ‘scans’ in an effort to spread Locky ransomware.
As with all Phishing campaigns end user education is your best defense. With this number o emails, even if it is overestimated by 90% there will be significant numbers of users caught but it and they potentially will send more mail messages.
The past two mornings have had businesses in the Albany area who use Microsoft’s Office 365 receive a Phishing email claiming that users passwords have had a password change request and please follow the link included in order to cancel the request.
The sender will be listed as “Office” or “Office 365” and the Subject line will read “Password Reset Alert”
This email should be deleted immediately.