<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1678611822423757&amp;ev=PageView&amp;noscript=1">
Defrag This

| Read. Reflect. Reboot.

Podcast: The Biggest IT Stories from March 2018

Jeff Edwards| April 04 2018

| Podcasts

iran-phishing-attack

New month, new IT stories, and some (not so) new security problems. And what a month it’s been! From Iranian hackers to the return of ransomware and the Facebook scandal, March kept us on our toes.

WannaCry Returns

WannaCry, the Windows ransomware that took off last May around the world, has reared its ugly head again, infecting some systems at aircraft and weapons manufacturer Boeing.

In a leaked internal memo, Boeing Chief Engineer Mike VanderWel called for “All hands on deck,” and claimed that WannaCry “ is metastasizing rapidly out of North Charleston and I just heard 777 (automated spar assembly tools) may have gone down. We are on a call with just about every VP in Boeing."

Make sure you are compliant with the GDPR. Download this free guide.

VanderWel also said he was concerned that equipment used to test airframes after they roll off the production line was hit by WannaCry, and expressed fears that WannaCry could “spread to airplane software.” Luckily, that’s not possible, because aircraft do not use Windows for critical systems.

The outbreak was likely caused by a failure to patch vulnerable systems at Boeing.

Read More at The Register

Indictment of Iranian Hackers

US Government officials have announced a round of sanctions and criminal indictments against an alleged Iranian hacker network that targeted hundreds of universities, businesses, NGOs, and Government organizations world-wide.

“Today, in one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice, we have unmasked criminals who normally hide behind the ones and zeros of computer code,” said Geoffrey S. Berman, U.S. attorney for the Southern District of New York, in a statement.

The indictment connects nine of 10 named individuals to the Mabna Institute, a tech firm based in Shiraz, a major center for Iran’s electronics industries.The Justice Department alleges that the Mabna Institute is frequently hired to hack international targets for Iranian universities and the Islamic Revolutionary Guard Corps (IGRC).

Charges leveled against the defendants include computer fraud, wire fraud, conspiracy, and identity theft.

Read more on Defrag This

Guccifer 2.0 Outed as Russian Intelligence Officer

Guccifer 2.0, the hacker who took credit for providing WikiLeaks with thousands of emails stolen from the DNC, has been outed as an fire of Russia’s military intelligence service, the GRU.

The hacker’s true identity was discovered by American investigators after he failed to turn on his VPN to disguise a public IP address and location when visiting either Twitter or WordPress.

Read more at The Register

Largest DDoS in History Strikes (Twice)

March saw two of the largest DDoS attacks in history, first with a 1.3tbps attack against GitHub, and then with a 1.7tbs reflection/amplification attack against a US internet service provider. Due to strong defense capabilities in both instances, no outages were reported.

Read more at Arbor Networks

Facebook Faces Fallout after Cambridge Analytica “Data Breach”

In March, a whistle-blower told reporters from the New York Times and The Guardian about a data breach on the personal data of some 50 million Facebook users, carried out by Cambridge Analytica, a political firm hired by the Trump campaign during the 2016 election campaign.

According to reports, data collected included details on users’ identities, friend networks and ‘likes.’ That information was used to target audiences for digital ads. While that may seem run-of-the-mill for those familiar with digital advertising, it was the way that Cambridge obtained this data that has caused such a shake up for facebook.

The information of some 50 million facebook users was collected in a survey, conducted under the auspices of scientific research, of some 270,000 users, and was then sold to Cambridge Analytica, a practice that is against Facebook’s terms of use.

Read more at The New York Times 

MyFitnessPal Leaks Data of 150 Million Users

UnderArmor-owned fitness tracking app MyFitnessPal has been hacked, and hackers made off with the data of 150,000,000 users, according to reports. The hack is the biggest hack of the year so far, in terms of number of people affected.

Breached data includes usernames, emails and hashed passwords. Under Armor claims that no payment or tracking information has been breached in the attack, but recommends that users change their passwords.

Read more at Reuters

 

 

Topics: Podcasts

Leave a Reply

Your email address will not be published. Required fields are marked *

THIS POST WAS WRITTEN BY Jeff Edwards

Jeff Edwards is a tech writer and analyst with three years of experience covering Information Security and IT. Jeff has written on all things cybersecurity, from APTs to zero-days, and previously worked as a reporter covering Boston City Hall.

Free Trials

Getting started has never been easier. Download a trial today.

Download Free Trials

Contact Us

Let us know how we can help you. Focus on what matters. 

Send us a note

Subscribe to our Blog

Let’s stay in touch! Register to receive our blog updates.