And here comes another issue of the Sunday Weekly… On Mondays!
We start the week with bad news coming from Easyjet, who admitted that data from 9 million users was hacked in a « sophisticated attack. » My bets are either a public data container or phishing that lead to stolen credentials. Might this be useful to remind us that no matter how big or small you are, you need some security basis.
And this is interesting and complicates things for antimalware tools, but I have to say it is brilliant. RagnarLocker is using virtualization technology to hide its presence. As said, brilliant. So stop having RDP directly exposed to the Internet.
Another brilliant idea but for which the goal remains unclear. Ebay, and maybe other sites, are performing a port scan when you visit their site. Here you can see the details from a test I just did:
Ports scanned are related to remote accesses, like VNC or Remote Desktop Connection, so some think it could be related to fraud prevention, should the user have a malware running. Anyway, this triggered the question: is it legal or not? We are talking about something that bypasses all network security and, eventually, sends data back to the site you visit. You have a good technical analysis done by Dan Nemec.
QNAP, a popular NAS brand, had a security bug in its software PhotoStation. Said security issue was reported back in June last year, and patched back in November. All this was published by the security researcher and the details are interesting. As usual, run security updates as soon as patches are available.
Japan believes some information regarding its defense system might have leaked. Information about a prototype missile could be part of the data stolen during a massive cyber attack earlier this year on Mitsubishi Electric Corporation. While the company declares data from 8000 employees has been stolen, full details are still unclear, and I am not sure we will know them all if it involves Japan’s national security.
That’s all for now! Remember to follow me on Twitter and, as usual, stay safe!