Friday Five: 7/08 Edition | Digital Guardian

The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls

Digital Guardian's Blog

Friday Five: 7/08 Edition

It's Friday! Catch up on the top infosec headlines with our weekly news roundup.

1. EU Adopts Cybersecurity Law with Reporting Mandates for Orgs by Tara Seals

The EU’s first laws on cyber security have been adopted, and will be implemented May 2018. These rules specifically focus on risk management and incident-reporting responsibilities for companies. The Directive on Security of Network and Information Systems says that digital service providers will be responsible for guaranteeing a level of security for network and information systems in order to minimize the impacts of incidents. This includes transport companies, financial services, healthcare, internet exchange points, and more. This directive will have a large impact on the way that most organizations in EU nations implement security policies and deal with breaches. Even though the UK has voted to leave the EU, organizations in the UK should look to be amenable with these new rules. For more details on these new laws and how they are being implemented, read the full article on Infosecurity Magazine.

2. 10 Million Android Phones Infected by All-powerful Auto-rooting Apps by Dan Goodin

Security experts have seen a large increase in Android malware, known as “Hummingbad”, with more than 10 million infected devices, including 286,000 within the US. These security experts went into more depth and explained that the malware installs 50,000 fraudulent apps each day and displays 20 million malicious ads, which totals a profit of $300,000 per month. “Hummingbad” is successful because of its ability to exploit vulnerabilities that remain unfixed in older versions of Androids. The Chinese-based company behind this malware silently installs promoted apps on infected phones, defrauds legitimate mobile advertisers, and creates false statistics inside Google Play. This follows recent news of fellow Android malware ‘Hummer’, a Trojan which has infected nearly 1.2 million devices. To learn more about this infectious malware read the article on Ars Technica.

3. Apple Backdoor Malware Steals the Keys to Your Kingdom by Charlie Osborne

A new malware for Macs, “Backdoor.MAC.Eleanor”, has been discovered in the app EasyDoc Converter through MacUpdate. This unique malware can be very troublesome to Macs, if implemented. Researchers say that “Eleanor” is only the second piece of malware that has been tailored to Macs, after the “KeRanger” ransomware. This new strain of malware separates itself from the others because it is able to gain full access to vulnerable machines. The legitimate app converts file formats into Microsoft word. However, “Eleanor” pretends to do this while it installs a backdoor when the app is implemented. Once on the device, this malware creates a tunnel for the attacker to directly access the victims’ machine. Read the full article for more info.

4. Malware Spread via Facebook Makes 10,000 Victims in 48 Hours by Catalin Cimpanu

For 48 hours between June 24 and 27, malware was distributed on Facebook via spam messages sent from hijacked accounts to their friends. These messages informed victims that they were mentioned in a comment and provided a link to click on. A Trojan was then downloaded and set up an extension in the victims’ Chrome browser. The next time that the victim tried to access Facebook, they were asked to enter their log-in information and were then sent to a false server that “liked” and commented on desired accounts which paid the hacker for the increase in activity on their pages. For more information on this hack, read the full article on Softpedia.

5. New Satana Ransomware Encrypts User Files and Master Boot Record by Lucian Constantin

Attackers have developed an aggressive ransomware, “Satana”, for Windows machines that encrypts user data and the computer’s master boot record (MBR). This leaves devices unable to load the OS. This is the second ransomware threat that has affected the MBR, and seems to model after the first one, “Petya”. The MBR contains information about the disk’s partitions and launches the operating system. Without an MBR, computers will not be able to identify which partitions contain the OS and how to start it. “Satana” replaces the MBR with its own code and stores an encrypted version of the original boot record so that it can be restored later if the victim pays the ransom. To learn more about this new ransomware, read the full article on CSO.


Nena GiandomenicoJuliana de Groot

Contact Us

Learn more about our data protection platform. Contact us to schedule a personalized demo today.

Schedule a Demo