Weekly Cybersecurity Report - Scammers Profit Off of Ransomware Victims

Share This Post:

Weekly Cybersecurity Report - Scammers Profit Off of Ransomware Victims

1. Another Flash zero-day Vulnerability Affects Windows, macOS, Linux, and Chrome OS Users

infosecurity-magazine.com - Author: Kacy Zurkus - Date: December 6th, 2018 

Another Adobe Flash Player zero-day vulnerability has been discovered for Windows, macOS, Linux, and Chrome OS users. The critical vulnerability (CVE-2018-15982) currently exists in the wild and allows for a Flash object to execute code on a victim’s computer and allow them to gain command line access to the system... Continue Reading


2. Russian Scammers Profit Off of Ransomware Victims 

infosecurity-magazine.com - Author: Phil Muncaster - Date: December 4th, 2018 

Scammers in Russia are generating hundreds of thousands of dollars from ransomware affected users by falsely claiming to be able to unlock encrypted ransomware files. Check Point, a security firm, explained that in one example a fake IT consultancy firm named ‘Dr Shifro’ was promising customers recovery from ransomware attacks like Dharma/Crisis. Dharma/Crisis ransomware has no known decryption key. Instead of actually decrypting the files the IT consultancy would pay the ransomware author a fee and charge the customer at a 75%+ margin... Continue Reading


3. Digital Ocean's, "Kubernetes", Gets a Critical Security Patch

infosecurity-magazine.com - Author: Phil Muncaster - Date: December 4th, 2018 

Digital Ocean's popular tool, Kubernetes, has recently received a patch that fixed a flaw that would allow third parties to remotely control targeted systems. Security researchers recommend that if your organization is using Kubernetes to upgrade to v1.10.11, v1.10.11, v1.11.5, and v1.12.3. The flaw will also be addressed in the upcoming v1.13.0 release according to Google staff software engineer, Jordan Liggitt... Continue Reading


4. Windows Security Questions Feature Provides Easy Access for Bad Actors

darkreading.com- Author: Kelly Sheridan - Date: December 5th, 2018

The security question feature on Windows has been discovered to be a critical point of attack for bad actors targeting those systems. Although the feature is beneficial for users who forget their passwords it makes for an easier way of bad actors gaining administrator privileges. Magal Baz, a security researcher for Illusive Networks says, “Because those questions and answers have the same power as a password, you'd think they would be as secure. However, unlike passwords, answers to security questions are not long and complex, they don't expire, and most of the time they don't change”... Continue Reading


5. SECURITY TREAT OF THE WEEK: Jewelry Thief Thwarted by The Best Security Mechanism Ever: A Locked Door.

nypost.com - Author: NY Post Video - Date: August 20th, 2018

A thief was stopped in his tracks at a jewelry store in Thailand by the world’s greatest security mechanism: a locked door. While trying on some jewelry the man made a quick b-line to the door to run off with the worn jewelry. Immediately, the thief was stopped by the store’s locked door and was forced to return the jewelry to the owner. Shortly later, authorities came for the thief and took him into custody... Continue Reading



Posted by Alan Hernandez