SecureData Threat Advisory Update - DAC Beachcroft


Published 26 January 2016

DELL Phish – 06 January 2016

'Technical Support' scammers appear to be getting more sophisticated, with access to unique identifiers such as machine serial numbers, full customer names and full problem histories for their chosen target. How these scammers gained access to this information is not yet clear, and Dell has not yet issued an official statement. Since Dell is a large player in the commercial computer equipment market, this information can be used to convince end-users that the person calling is from Dell.

Ransom32 – 13 January 2016

Ransom32 is a JavaScript-powered ransomware generator and command and control hosting facility that is accessible to would-be cybercriminals as 'software-as-a-service' (SaaS). The subscription process includes creating an account on the Ransom32 Tor website, from where an attacker can generate malware that is linked to their account. The downloaded malware comes packaged as a large WinRAR executable file that can be sent to victims via email.

Forti-Black-Gate – Forti OS 4.0-5.7 – 18 January 2016

It has recently been found that firewalls sold by Fortinet and running FortiOS contain a hard-coded SSH backdoor, similar to the one described in the Threat Advisory raised regarding Juniper firewalls (18-12-2015). This backdoor would allow any machine with Internet-facing SSH access to be compromised using a hard-coded and now public username and password.
