November 3, 2017
ONI Ransomware Used in Month-Long Attacks Against Japanese Companies – Japan
As more and more ransomware outbreaks are discovered, the line has become blurred in whether they are being utilized as a wiper or an actual ransomware. Such is the case with a new ransomware attack called ONI that has been used in a targeted month-long attacks against Japanese companies. It all started when security firm Cybereason analyzed some computers that were infected with a ransomware called ONI. This ransomware has been analyzed before, but it was not understood how the ONI victims were being infected. After analysis by Cybereason researchers, it was discovered that the infected computers had also been previously targeted by a spear-phishing campaign that installs a RAT, or Remote Access Trojan, on the victim's computer. These phishing emails pretending to be receipts that contain a zip attachment with a malicious Word document inside it. When a user opens the document and enables macros, a VBScript script will be launched that downloads and install a copy of the Ammyy Admin RAT onto the infected computer.
Student Charged by FBI For Hacking His Grades More Than 90 Times – Iowa, United States
According to the New York Times, Trevor Graves, 22, is accused in an FBI affidavit of working with an unnamed accomplice to secretly plug keyloggers into university computers in classrooms and in labs. The FBI says keyloggers allowed Graves to record whatever his professors typed, including credentials to log into university grading and email systems. Court documents allege that Graves intercepted exams and test questions in advance and repeatedly changed grades on tests, quizzes and homework assignments. This went on for 21 months – between March 2015 and December 2016. The scheme was discovered when a professor noticed that a number of Graves’ grades had been changed without her authorization. She reported it to campus IT security officials. The FBI affidavit claims that Graves changed his grades more than 90 times during those 21 months. He also allegedly changed grades on numerous occasions for at least five of his classmates. Grades were allegedly tweaked in a wide range of classes, including in business, engineering, and chemistry.
No Need For Airport-Like Security For Rail Travel – United States
Airport-like security screenings are not necessary for Amtrak or other rail travel, the new head of the Transportation Security Administration said Wednesday, speaking a day after eight people were killed in a truck attack in Lower Manhattan. "We don't intend to roll out anything like what we have in the airports," TSA Administrator David Pekoske told reporters at Grand Central Terminal. "We are satisfied with his point." Random checks of passengers, police and security officers and canines at rail terminals are among measures currently sufficient to protect those areas, without having to screen every passenger, like at an airport, he said. Pekoske said one priority is ensuring that there is a "continuous vetting process" of the more than 5 million people enrolled in the TSA's PreCheck program, which provides access to speedier security lanes and less invasive screening at airports in exchange for $85 and a background check. "It's not just a check on your background" when you enroll, he said. Pekoske, who took the reins of the Department of Homeland Security arm in August, was in New York City for a previously planned meeting with officials from the Metropolitan Transit Authority and Amtrak.
FOR MORE INFORMATION:
To sign up for the complete daily G4S Corporate Risk Services Intelligence Bulletin, as well as regular intelligence and risk updates and news, click here to subscribe!