CyberSec Roundup
A synopsis of the Latest Cybersecurity News
Android Spyware Disguised as System Updates
Most malware on Android devices resemble other apps, but there is a new form of spyware that appears as a system update. If the user is fooled by the malware, it connects the phone to a command-and-control server, where it discretely transfers information from the phone to the attacker’s server. Owners of Android devices should only get their apps from the official Google Play store, as they are at risk of downloading this type of malware from third-party app stores.
Shell suffers Accellion hack
Shell, the multinational oil and gas company, is the latest in a long line of companies to suffer an Accellion FTA breach. They are investigating the extent of the attack, but have confirmed that the information which was accessed primarily belonged to other stakeholders and subsidiaries. The FTA device was isolated from Shell’s main network and did not affect any of their core IT systems. It is suspected that the Clop ransomware group is behind this attack, as they have been the main perpetrators behind these FTA attacks.
CNA Insurance hit with ransomware
The Chicago based insurance company confirmed that they suffered a major ransomware attack last week, which caused significant disruption on their network. Many systems, including those of remote employees, were encrypted with a new flavor of ransomware called Phoenix CryptoLocker, and it is feared that quite a bit of information was stolen by the attackers. CNA is working with the FBI as they investigate the incident.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker