Cyber security news for all


    Uncovered Cyber Attack On Medical Technology Sector

    Guardicore has uncovered and prevented a cyberattack on a medium-sized company in the medical technology sector. The crypto-miner attack was carried out using well-hidden malware that was brought into the company network using an audio file. The infection targeted Windows 7 systems, which were attacked using the EternalBlue exploit.

    After decoding the data communication, Guardicore Labs tracked down a readable PowerShell script that searched the IT system and read out the above-mentioned registry key. After saving via the Windows API function, the malware code was executed. The unknown attackers performed a full subnet scan in order to install the malware on other hosts in the infected network using the EternalBlue exploit.

    Guardicore security

    As a hint of a mode error, the blue-colored notes are not suspicious in themselves, but a more detailed analysis with the visibility tools of the Guardicore security platform produced worrying insights. One of the computers ran a long command line and changed data in the Windows. To store log files safely, companies should forward the logs of their Windows computers to central, hardened servers. Microsoft provides instructions for this, along with examples and auxiliary programs. Guardicore recommends configuring systems to store complete crash dump files for further analysis of attacks and process errors. Microsoft also offers guidance on how to make these configuration settings.
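One way to check and apply the complete crash dump setting recommended above, as an added example that is not code from Guardicore or Microsoft. It uses the standard Windows CrashControl registry values; the function names are hypothetical and the page file check is a rule-of-thumb assumption.

```powershell
# Added example: audit and enable complete memory dumps on a Windows host.
# Run from an elevated PowerShell session; a changed setting applies after reboot.
$CrashKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'
# Meaning of the CrashDumpEnabled DWORD value
$DumpTypes = @{ 0 = 'None'; 1 = 'Complete'; 2 = 'Kernel'; 3 = 'Small'; 7 = 'Automatic' }

function Get-CrashDumpConfig {
    # Report the current dump type and where the dump file is written
    $cc = Get-ItemProperty -Path $CrashKey
    [pscustomobject]@{
        DumpType   = $DumpTypes[[int]$cc.CrashDumpEnabled]
        DumpFile   = $cc.DumpFile
        Overwrite  = [bool]$cc.Overwrite
        AutoReboot = [bool]$cc.AutoReboot
    }
}

function Test-PageFileForCompleteDump {
    # Assumption (rule of thumb): a complete dump needs a page file at least
    # as large as physical RAM. Sizes are compared in MB.
    $ramMB  = [math]::Ceiling((Get-CimInstance Win32_ComputerSystem).TotalPhysicalMemory / 1MB)
    $pages  = @(Get-CimInstance Win32_PageFileUsage)
    $pageMB = [long]($pages | Measure-Object -Property AllocatedBaseSize -Maximum).Maximum
    [pscustomobject]@{
        PhysicalRamMB     = $ramMB
        LargestPageFileMB = $pageMB
        Sufficient        = ($pageMB -ge $ramMB)
    }
}

function Enable-CompleteCrashDump {
    # Warn instead of failing: the setting can still be staged before the
    # page file is resized.
    if (-not (Test-PageFileForCompleteDump).Sufficient) {
        Write-Warning 'Page file is smaller than physical RAM; a complete dump may not be written.'
    }
    Set-ItemProperty -Path $CrashKey -Name CrashDumpEnabled -Value 1 -Type DWord
    Get-CrashDumpConfig
}

# Audit only by default; call Enable-CompleteCrashDump explicitly to change the host.
Get-CrashDumpConfig
Test-PageFileForCompleteDump
```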

    Security And Convenience Suddenly Become A Contradiction In Terms

    A current trend is fitness apps and wearables for checking one's own state of health. The personal data is not only recorded automatically, but also forwarded to various cloud services. In contrast to other stored information from the areas of social media, gaming, and photos and videos, this data is much more personal and therefore worth protecting. However, for the sake of convenience, protecting this data is often not given the higher priority it needs. One cannot blame a user for leaving the "Remember password" setting activated. However, it has to be pointed out that if the device is lost, whether physically or through a hack, this data is available to the new owner as if on a silver platter. Two-factor authentication already provides more security here, because even if the attacker knows the password, he cannot use the device or the application without the second code.
