Friday Five: 7/5 Edition
Cracking a five year Facebook malware campaign, this week's CDN outage, and an app fined for leaking users' photos - catch up on the week's news with this recap!
1. Researchers crack open Facebook campaign that pushed malware for years by Dan Goodin
Security researchers discovered this week that for the past five years a network of malicious Facebook accounts used Libyan news to infect thousands of people’s devices with malware. Researchers first noticed these malware links in Facebook posts that impersonated Field Marshal Khalifa Haftar, the commander of Libya’s National Army. The attacker utilized URL-shortening services to create many of the links and used more than 30 Facebook pages to spread them. The attacker was able to infect users using customized content, valid websites, and highly active pages with a significant number of followers. Almost all of the malware associated with this network was tied to command and control servers that security researchers were able to link to a Facebook account that posted private documents, such as Libyan government officials’ passport photos, emails, and phone numbers. To combat the issue, Facebook took down these pages and accounts and asserted the service will continue to invest in technology to detect malicious activity on its platform.
2. Gay dating app fined $240,000 for leaking nude and private photos by Catalin Cimpanu
3. Cloudfare’s recent 502 bad gateway outage blamed on bad software by Waqas
Cloudflare, the internet’s largest content delivery network (CDN) dealt with a service disruption this week that resulted in thousands of Cloudflare-proxied domains having “502 Bad Gateway” errors. According to CTO John Graham-Cumming, the outage only lasted about 30 minutes and was caused by bad software deployment. Cloudflare says its looking into these performance problems.
4. Huge jump in cyber incidents reported by finance sector by Warwick Ashford
The financial services industry in the UK has seen a massive spike in cybersecurity breaches since 2017, reporting an increase from 69 incidents in 2017 to 819 in 2018. Retail banks were the victim of 60% of attacks, with wholesale facing about 15%. The rest of the attacks hit investment banks and other institutions. Third-party failure was at fault for 19% of the incidents, which has led to the FCA calling for stronger cybersecurity within companies responsible for massive financial assets. Steve Snaith, a technology risk assurance partner at RSM, an international accountancy firm, believes that even though the increase is concerning, firms are also becoming more proactive in reporting attacks to regulators, something which may have inflated the statistics. The threat of cyber attacks will always be present, so it's vital that companies combine innovative technology with the right people in order to adequately protect their sensitive data.
5. Florida city fires IT employee after paying ransom demand last week by Catalin Cimpanu
Following up on our story from last week regarding the government data breach in Lake City, Florida: the IT employee responsible for the breach has been fired. After opening a document that infected the town's computers, Lake City was held ransom on June 10th for the release of their information. The town was forced into paying 42 Bitcoin (about $500,000) to the ransomware gang, which eventually returned the files to the town's IT staff to be decrypted. This attack was not the first involving city information as many officials are becoming aware of the trend after two other Florida cities were recently breached. Moving forward, city officials plan on investing heavily into IT and cybersecurity while also taking the time to train employees on how to detect and handle potential attacks.