Home » Tag: cyber security new

Tag Archives: cyber security new

Home » Tag: cyber security new

Chinese government departments targeted with GandCrab v5.2 ransomware

  • The malware comes concealed as an archive named ‘03-11-19.rar’.
  • The phishing attack has started since March 11, 2019.

A new phishing campaign that leverages GandCrab v5.2 ransomware to infect the Chinese government officials has been discovered recently. The malware comes concealed as an archive named ‘03-11-19.rar’.

How does it work – According to China’s Internet Network Information Center, the phishing attack has started since March 11, 2019. The hackers are targeting the websites of relevant government departments in China with emails containing ransomware. The emails are sent by different senders such as ‘Min, Gap Ryong’. Going by the sender’s name, it is believed that the operators are from North Korea.

“According to the monitoring of the China Internet Network Information Center, starting from March 11, 2019, a hacker organization outside the country launched a ransomware mail attack on relevant government departments in China. After analysis and analysis, the ransomware version number is GANDCRABV5.2, which is the latest upgraded ransomware version in February 2019,” said the report.

What does the ransomware do – Once installed, GandCrab v5.2 encrypts the hard disk data of the user host and redirects the users to download the Tor browser. The Tor browser later logs into the attacker’s digital currency payment window and asks the victim to pay the ransom.

What steps are taken – Following the discovery, all units of the Chinese government have been asked to monitor their systems and report any future attacks. Other crucial measures have also been recommended to mitigate the attack. This includes –

  • Keeping the antivirus up-to-date;
  • Disabling automatic functions for USB ports;
  • Disconnecting infected hosts or servers;
  • Upgrading the operating systems to latest versions.

GandCrab v5.2 is the latest version of the ransomware family. No decryption keys are currently available for this version of the GandCrab.

‘Gnosticplayers’ is now selling another 26 million user records on the Dark Web

  • Gnosticplayers had earlier exposed more than 840 million user records during the month of February.
  • This is the fourth time the attacker has put a trove of sensitive information out in the open.

Gnosticplayers, the infamous hacker who exposed and sold millions of user records in early 2019, has yet again come out with a new batch of user records for sale. This fresh wave of user data dump contains over 26 million records which belong to customers of six companies across the world.

Worth noting

  • According to ZDNet, the six companies impacted are GameSalad, Estante Virtual, Coubic, LifeBear, Bukalapak, and YouthManual.
  • The largest number of user records (13.2 million) leaked was from Bukalapak, an Indonesian e-commerce company, while the smallest portion (1.12 million) of the dump was from YouthManual, a website aimed to help Indonesian students in their career.
  • GameSalad, Estante Virtual, Coubic, and LifeBear each leaked 1.5, 5.45, 1.5 and 3.86 million records respectively.
  • Gnosticplayers cites poor security implementations by these companies as the reason for their breaches.

Why it matters – This is the fourth in a series of user record dumps put up for sale by the same individual. The first batch contained 620 million user records, while the second and third batches contained 127 million and 93 million records respectively.

Though the data released by the hacker mostly contains records from previous breaches, the combined sale of such a large amount of data means other cybercriminals could leverage it for future credential stuffing attacks, leading to further damage. Interestingly, the hacker claims that he has sold only a portion of the data in his possession.

Moreover, Gnosticplayers told ZDNet, “I came to an agreement with some companies, but the concerned startups won’t see their data for sale. I did it that’s why I can’t publish the rest of my databases or even name them.”

Although this time it was comparatively smaller in scale compared to three previous batches, this is a tell-tale sign of how many companies fail to implement rigid security measures when it comes to protecting vast amounts of user data.

Read More »

Firewall,Hardware Firewall,Software Firewall,Firewall India, Firewall,Network Firewall,Firewall Support,Firewall Monitoring,Firewall VPN, WAF Website Firewall,Firewall Security, Firewall India,Firewalls Provider in India

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 9582 90 7788 | Support Number : +91-9654016484
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket