Security Newsletter

3 August 2020

Garmin confirms ransomware attack

Garmin broke its silence Monday, acknowledging that a hack attack that encrypted several of its systems last week led to outages that affected several of the company's fitness and aviation products along with knocking its homepage and customer service centers offline, confirming a ransomware attack. Last week, Garmin suffered a worldwide outage that affected their Garmin Connect, Strava, inReach, and flyGarmin services.

It is common for companies not to mention the ransomware family used in an attack while law enforcement is conducting an investigation.The WastedLocker Ransomware is attributed to the Evil Corp cybercrime group who is best known for their use of the Dridex banking and downloader trojan in hacking operations. After the indictment of Evil Corp members by the USA, the hacking group restructured their tactics and techniques to include a new ransomware called WastedLocker that is used to target and extort enterprise organizations.

Garmin reiterated that it doesn't believe hackers exfiltrated any data from its network.

 

Zoom Bug Allowed Snoopers Crack Private Meeting Passwords in Minutes

Popular video conferencing app Zoom recently fixed a new security flaw that could have allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform and snoop on participants. Zoom meetings are by default protected by a six-digit numeric password, but the lack of rate limiting enabled "an attacker to attempt all 1 million passwords in a matter of minutes and gain access to other people's private (password protected) Zoom meetings."

It's worth noting that Zoom began requiring a passcode for all meetings back in April as a preventive measure to combat Zoom-bombing attacks, which refers to the act of disrupting and hijacking Zoom meetings uninvited to share obscene and racist content.

The researcher also found that the same procedure could be repeated even with scheduled meetings, which have the option to override the default passcode with a longer alphanumeric variant, and run it against a list of top 10 million passwords to brute-force a login. Following the findings, Zoom took the web client offline to mitigate the issues on April 2 before issuing a fix a week later. Just earlier this month, the company addressed a zero-day vulnerability in its Windows app that could allow an attacker to execute arbitrary code on a victim's computer running Windows 7 or older.

 

No More Ransom turns 4: Saves $632 million in ransomware payments

The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments. Over the past four years, The No More Ransom project estimates that they have saved $632 million in ransom payments through its partners' cooperation and the decryptors that were released.

No More Ransom was created in 2016 through an alliance between Europol’s European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands’ police, McAfee, and Kaspersky to battle ransomware and provide free decryption services and support to victims.

The amount of money saved is probably far more significant as it is common for other sites to host partner's decryptors, which would not allow the Project to keep track of their usage. Furthermore, as most decryptors do not include telemetry, they may have been used in far higher amounts than we know.

 

More #News

 

#Patch Time!

 

#Tech and #Tools

This content was created by Kindred Group Security. Please share if you enjoyed!

Kindred Group in brief

Kindred is one of the largest online gambling companies in the world with a diverse team of 1,600 people serving over 26 million customers across Europe, Australia and the US. We offer pre-game and live Sports betting, Poker, Casino and Games through 11 brands across our markets. We are committed to offer our customers the best deal and user experience possible, while ensuring a safe and fair gambling environment. Kindred is a pioneer in the online gambling industry and is an innovation driven company that builds on trust.