Reading Time: ~ 2 min.

Ryuk Adds New Features to Increase Devastation

The latest variant of the devastating Ryuk
ransomware has been spotted with a new feature that allows it to turn on
devices connected to the infected network. By taking advantage of Wake-on-Lan
functionality, Ryuk can is able to mount additional remote devices to further
its encryption protocols. While it’s possible to only allow such commands from
an administrator’s machine, those are also the most likely to be compromised
since they have the largest access base.

Learn more about ransomware infections and how to protect your data from cybercrime.

Bank Hackers Arrested Outside London

Over the course of six years, two individuals were able to
successfully hack into many hundreds of bank and phone accounts with the intent
to commit
fraud
. With the information they gathered, the two were also able to open
new credit accounts and take out significant loans to purchase extra tech
hardware. Officials for the London Metropolitan Police have made it known that
cybercrime is taken just as seriously as any other crime.

Cryptominer Found After Multiple BSODs

Following a series of “blue screens of death” (BSoDs) on a
medical company’s network, researchers identified a cryptominer
that spread to more than 800 machines in just a couple months. The payload, a
Monero miner, was hidden within a WAV file that was able to migrate undetected
to various systems before executing the payload itself. To spread efficiently,
the infection used the long-patched EternalBlue exploit that had not yet been
updated on the network in question, thus leaving them fully susceptible to
attack.

Consulting Firm Exposes Professional Data

Thousands of business professionals from the UK have
potentially fallen victim to a data leak by the major consulting
firm
CHS. A server belonging to the company was found to contain passports,
tax info, and other sensitive information that could have been archived from
background checks within an unsecured Amazon Web Services bucket. While it is
still unclear how long the data was available, researchers who discovered the
leak quickly contacted both CERT-UK and Amazon directly, which promptly secured
the server.

Western Australian Bank Breached

Over the last week officials for P&N
Bank
in Australia have been contacting their customers concerning a data
breach that occurred during a server upgrade in early December. Though personally
identifiable information has been exposed, it doesn’t appear that any accounts
have been illicitly accessed and relates more to a customer’s contact
information. A total number of affected customers has yet to be confirmed.

The post Cyber News Rundown: Ryuk Uses Wake-on-Lan appeared first on Webroot Blog.