Another cryptomining attack is spreading, update your Adobe Flash software and more routers at risk.
We’re bringing you the latest cyber security news Welcome to Cyber Security Today. It’s Friday June 8th. To hear the podcast, click on the arrow below:
 |
 |
 |
Another cryptocurrency mining attack has spread around the world. Security vendor GuardiCore reported this week that what it calls Operation Prowli has so far infected 40,000 DSL modems, Drupal content management websites, WordPress sites, servers with an open SSH port, vulnerable IoT device and more. One goal is to take over servers and use them for cryptomining. Another is to commit fraud by redirecting Internet traffic to Web sites that pay for viewers. These sites also host different scams, such as fake services, malicious browser extensions and more.
The attacks are based on a mix of known vulnerabilities and password guessing. So administrators should enforce the use of strong passwords and keep software up to date. Companies should also lock down their content management systems and Web sites, and segment their networks. Finally, keep an eye on network connections. They will easily show compromised devices communicating with cryptocurrency mining pools.
Vulnerabilities in Adobe’s Flash player have long been a favourite target for attackers, meaning users have to make sure the latest version is patched. Yesterday Adobe issued the latest security updates for Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities. Some experts say you could delete Flash and not miss it. For those who still want it around, Flash should not only be updated regularly but also disabled – there’s a browser setting for making it ask your permission before it runs. Also, consider a software updater, which checks all your software to see if patches are available. The capability may be included in your antimalware suite. Or look at AppUpdater, FileHippo App Manager, Software Update Monitor, Secpod Saner or others.
Last week I told you about malware – called VPNFilter — that’s infecting WiFi routers and network attached devices. Well, the list of units that can be hit has expanded. Rather than list them all, see my script for today’s podcast on ITWorldCanada.com. Here’s a link to a report that has the full list. Also, here’s a link to a blog on the right way to reset a router. Or send a question your device manufacturer.
Finally, on Monday I told you about a scam pulled on reservation company Booking.com. The company says the news report that was based on had an error – although certain hotel partners did get a phishing email that started the scam, no one was asked to change their password.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.