Cybersecurity News Bytes - Late April 2018
Posted on 04/30/2018
Cyber Takedown of ISIS Online Infrastructure
Europol, the EU police agency, led a “simultaneous multinational takedown” of multiple online sites used by ISIS to promulgate propaganda and to broadcast ISIS news. Several EU countries as well as the U.S. and Canada participated in the operation, which was conducted on 25-26 April 2018. The operation mainly targeted the Amaq News Agency, central to ISIS propaganda efforts since 2015. Europol expects that the information gleaned from seized IS computers and servers will help identify ISIS administrators and key individuals. BBC News and Europol Press Release of 27 April 2018 - article contains link the press release.
Top Ten Ways to Hack Facebook Accounts
Threat Brief published a list of the Top 10 ways hackers use to access Facebook accounts. They include: phishing attacks to gain passwords; saved passwords from browsers; hacking email IDs; hacking mobile phones; viewing masked passwords; session hijacking; USB hacking; social engineering; Wi-Fi hacking; and unattended Logout screens. ThreatBrief.com 30 April 2018.
Russia Using EW against U.S. Military in Syria
Russian military forces in Syria are using sophisticated and powerful electronic warfare against U.S. military aircraft, according to a report of a speech given on 24 April by the Commander, Special Operations Command (SOCOM). The targeted aircraft include either the EC-130 (Compass Call), the Air Force EW platform, or the AC-130, which is a SOCOM-unique platform. Either way, the use of advanced EW by the Russians against U.S. aircraft is an escalation in the Syrian conflict and is causing U.S. commanders to review their defenses against EW attacks. Breaking Defense, 24 April 2018
Canadian Company Providing Internet Filtering for 30 Countries
Canadian company Netsweeper, Inc. has provided content filtering systems to 30 countries, according to a recent report from Citizen Lab. Gulf Arab countries Bahrain, Kuwait, Qatar and the UAE are among the countries using Netsweeper technology to block content ranging from LGBTQ discussions to religious and political topics. Content control has always been a concern among these countries, and Netsweeper has provided an updated capability to achieve government policy goals. Other countries using Netsweeper include Afghanistan, India, Pakistan, Somalia, Sudan, and Yemen. The Citizen Lab, 25 April 2018
Caution about Apple QR Readers
Critical vulnerabilities have been discovered in WebKit, the browser engine used in Apple’s Safari browser, both the Mac and iOS versions. The vulnerabilities have been flagged as CVE-2018-4200 and CVE-2018-4204. A third vulnerability, CVE-2018-4187, allows malware to be inserted into the QR parser in Apple products, allowing hackers to misdirect users to infected websites. Researchers advise that Apple users should avoid the QR app until they have the most recent Mac and iOS upgrades, which have remedied these vulnerabilities. Help Net Security, 25 April 2018
U.S., UK, Australia Out Russians for Continuing Cyber Attacks
For only the second time, cybersecurity agencies in the U.S., UK, and Australia have publicly blamed the Russians for attacking network routers and systems around the world. The attacks, ongoing since 2017, have been used for espionage, to steal intellectual property, and to possibly plant malware in routers for unknown future purposes. Russian hackers targeted government and private organizations as well as Internet Service Providers and critical infrastructure organizations in the three countries, according to a joint statement issued by the countries’ cybersecurity agencies. Fortune, 17 April 2018
Atlanta Hit by Major Ransomware Attack
City officials in Atlanta were continuing to recover on 18 April from a ransomware attack that crippled many city services. The attack began in late March, when hackers demanded $50,000 to restore city services including online bill paying and court records. Atlanta reportedly has not yet paid the ransom, but has spent over $2.5 million in cybersecurity contracts and remediation services. AI.com, 18 April 2018
Return to our HOME PAGE.