Alert Dispatch 23JUN17 ~ By JohnsTek


ALERT DISPATCH: New Threat June 28, 2017

The following threats need YOUR IMMEDIATE ATTENTION. As Cyber Attack Vectors-as-a-Service become more available, hackers who spread malicious code and steal personal data to sell on the black market seem to have become more emboldened. From our Open Threat Exchange:

Petya Ransomware Sweeping Across the World NOW!
Affecting Banks, Financial Corporations, Utilities, Mining, Energy, and Transportation Companies, the Petya Ransomware has shut down shipping giant Maersk and many more industry leaders (Source: CNBC, June 27, 2017). It uses the EternalBlue vector (like WannaCry) to get into and infect computer event logs, then seizes the computer with a message: “If you see this text, then your files are no longer accessible, because they have been encrypted. Perhaps you are busy looking for a way to recover your files, but dont waste your time. Nobody can recover your files without our decryption service. We guarantee that you can recover all your files safely and easily. All you need to do is submit the payment and purchase the decryption key. Please follow the instructions: 1. Send $300 worth of Bitcoin to following address: ”

We already have the correlation rule in place to identify and alert our Security Operations Center personnel if this virus presents itself in any of our monitored networks.

Industry Controls continue to be Threatened by CrashOverRide and WannaCry:
Previously we reported on attacks on Electrical Grids and SCADA systems. It now appears that the attack on the Ukrainian electrical grid in 2016 with CrashOverRide was just a practice run. Analysts following attack vectors such as JackWare, WannaCry, and CrashOverRide believe these successful methods of attack will become more sophisticated as their targets expand across the globe. Just this week WannaCry found its way into several Traffic Light systems in Europe, and Honda had to shut down manufacturing after discovering the infection on its systems in Japan, the United States, and Europe (Source: InfoSecurity, June 22, 2017).

Mac OS Attacks:
Most Apple users read about cyber threats with the confidence that they are least likely to be affected by all the noise of malicious code and virus infections. Not so anymore! We are sorry to report to you Apple enthusiasts that you must also remain on the alert! Indicators of increased cyber attack activity against Apple users are mounting.

Just this month 22 Chinese citizens were arrested for peddling stolen Apple user private data on the black market (Source: Apple Insider, June 7, 2017). This ring of thieves was able to net $7.34 million before the enterprise was shut down by authorities.

Not related, but equally alarming, Palo Alto Unit42 recently discovered a new version of the OceanLotus backdoor exploit that now affects Mac OS users (Source: Palo Alto, June 22, 2017). This vector is transmitted as a ZIP file through email or another data-sharing program. Once launched by the recipient, the malware opens as a Word DOC while secretly infecting the Mac to begin a process that sends files back to the attackers' servers. The first line of defense is the user. If you receive a ZIP file that you were not expecting, BE SUSPICIOUS! Look very carefully at who the sender was. If you recognize the sender, contact them by another means and ask if the email is legitimate.

Categories: Alert Dispatch, Emails. By Scott Johnston, June 23, 2017
