malware

Ransomware: The Threat that Lies in Wait

There can be no doubt that ransomware attacks are on the rise across the globe. A simple online search will reveal thousands of statistics in this regard, and South Africa is no exception. What is also clear from numerous examples of successful breaches is the potentially devastating effect of a ransomware attack, which can cripple a business and shut down essential services for extended periods, not to mention cost a fortune to recover from. They are, in fact, legitimate business disasters, and need to be considered as such when it comes to disaster recovery and business continuity planning. Under Siege There is no shortage of high-profile examples of ransomware attacks in South Africa over the past two years, from Johannesburg City Power to the Life Healthcare hospital group, Transnet P...

How to Secure Your Remote Work Environment from Cybersecurity Threats

Sourced from International IDEA. Cybersecurity threats are at an all-time high. With organizations increasingly employing hybrid work models, it has become more vital than ever to educate employees on the various cybersecurity risks that come with a distributed work environment. In a hybrid work environment, employees working from home pose a greater security risk compared to those working at the office. Home networks are less secure than corporate networks, unprotected by in-office firewalls and advanced fraud detection systems. In the comfort of one’s home, a small mistake by an employee could potentially risk the company’s confidential data being leaked. However, risks like data leaks and device compromise can be managed by following certain best practices. Here are some of the practice...

Understanding the Risks to Cryptocurrency Trading

Sourced from Hacker Noon. Alongside self-fertilizing crops and low-carbon shipping, cryptocurrencies have made the World Economic Forum (WEF) list of top tech trends in 2022, bolstered by research by the Thomson Reuters Foundation that describes it as moving from the ‘fringes of finance to the mainstream’. Perceptions around cryptocurrencies have shifted, with several countries adopting them as legal tender, banks looking to create their own forms of digital currency, and consumers putting their savings into crypto wallets instead of traditional financial institutions. Anna Collard, SVP Content Strategy & Evangelist at KnowBe4 Africa. Countries are either considering or are already partially using Central Bank Digital Currency (CBDC), which essentially allows for companies and individuals...

Mobile Malware Attacks Across Africa are on the Decline – Why It Isn’t a Good Thing

Image sourced from Sectigo. While analysing the threat landscape of African countries, Kaspersky experts saw a steady decline in attacks on mobile devices in the region, as cybercriminals consolidated their efforts to focus on more complicated, dangerous and profitable threats instead. These and other findings are featured in Kaspersky’s Mobile Threats in 2021 report. Overall, in 2021, South African users faced 38% fewer mobile malware attacks than in 2020, while other countries in the region have seen even more dramatic changes in their mobile threat landscape: Mozambique saw a 48% decrease, followed by Botswana (58%), Nigeria (59%), Ethiopia (69%) and Ghana (76%). The only country where the share of attacks increased was Angola, where mobile malware actually grew by 12%. “Indeed, there ...

Hodlers beware! New malware targets MetaMask and 40 other crypto wallets

Security was never the strong suit of browser-based crypto wallets to store Bitcoin (BTC), Ether (ETH) and other cryptocurrencies. However, new malware makes the safety of online wallets even more complicated by directly targeting crypto wallets that work as browser extensions such as MetaMask, Binance Chain Wallet or Coinbase Wallet. Named Mars Stealer by its developers, the new malware is a powerful upgrade on the information-stealing Oski trojan of 2019, according to security researcher 3xp0rt. It targets more than 40 browser-based crypto wallets, along with popular two-factor authentication (2FA) extensions, with a grabber function that steals users’ private keys. MetaMask, Nifty Wallet, Coinbase Wallet, MEW CX, Ronin Wallet, Binance Chain Wallet and TronLink are listed as some of the ...

‘Less sophisticated’ malware is stealing millions: Chainalysis

Cryptojacking accounted for 73% of the total value received by malware-related addresses between 2017 and 2021, according to a new malware report from blockchain analysis firm Chainalysis. Malware is used to conduct nefarious activity on a victim’s device such as a smartphone or PC after being downloaded without the victim’s knowledge. Malware-powered crime can be anything from information-stealing to denial-of-service (DDoS) attacks or ad fraud on a grand scale. The report excluded ransomware, which involves an initial use of hacks and malware to leverage ransom payments from victims in order to halt the attacks. Chainalysis stated: “While most tend to focus on high-profile ransomware attacks against big corporations and government agencies, cybercriminals are using less sophisticated typ...

Watch out for this credential-stealing Microsoft Exchange add-on

Image sourced from Discover Germany. Kaspersky has uncovered a previously unknown IIS module (a piece of software aimed at providing additional features to Microsoft web servers) they have since dubbed Owowa that steals credentials entered by a user when logging into Outlook Web Access (OWA); it also allows the attackers to gain remote control access to the underlying server. Compiled sometime between late 2020 and April 2021, this module is a stealthy theft method that is difficult to detect with network monitoring. It’s also resistant to software updates from Exchange, meaning it can stay hidden on a device for a long time. In 2021, advanced threat actors were increasingly exploiting vulnerabilities of Microsoft Exchange Server. In March, four critical vulnerabilities in the servers allow...

ITC Secure and Cassava Technologies Announce Security Partnership

Image by Darwin Laganzon, Pixabay. ITC Secure (ITC), a leading advisory-led cyber security services company and a Microsoft Gold cyber security partner, and Cassava Technologies (CassavaTechnologies.com), the pan-African technology leader, announced today that they have entered into a Joint Venture (JV) to build and launch an extensive portfolio of cyber security services, powered by Microsoft Azure cloud technologies in Africa. Hardy Pemhiwa, the CEO of Cassava Technologies said: “Digital transformation in Africa is accelerating the adoption of cloud services which is creating an urgent need to better protect users and business-critical data. Cassava Technologies footprint covering more than 15 countries in Africa, we are well-positioned to meet the growing needs of businesses and individ...

Ransomware – Hindsight is 20/20

Sourced from Kaspersky. Three things many companies wished they had actioned before a ransomware attack. There are few things worse than discovering that your business has been compromised. Be it a phish, ransomware, hack or malicious attack, it’s going to leave a long legacy of damage and complexity behind it. According to Martin Potgieter, Co-Founder and Technical Director at Nclose, “There are three things that most breach victims wished they had checked, or done differently, after they’ve been hit with a ransomware attack.” “The first is to ensure that the company firewall is filtering outbound traffic as aggressively as it is filtering inbound traffic. Once an attacker gets a foothold within a network, if there is unrestricted outbound access, they have the freedom they need to do...

How a Small Email Phish Can Become a Million Rand Ransom

Image sourced from Kaspersky. Cybercrime is smart, innovative, and agile. Cybercriminals are well-rewarded for their innovative attack vectors and have no incentive to stop finding inventive ways of penetrating systems and moving past the most vulnerable defences. According to Paul Grapendaal, Head of Managed Security Services at Nclose, there’s no standard playbook when it comes to penetrating a system successfully, but there are solid security steps that can mitigate risk and help the business manage the fallout. Steps that will help bolster your defences and ensure that one phish won’t cost your business millions. “There are obvious routes of attack, such as spear phishing, that are designed to focus on a target with the sole...

Targeted Malware is Raging Across South Africa, Kenya & Nigeria

According to the latest research of internet security firm Kaspersky on threat landscape trends, South Africa, Kenya and Nigeria are facing dramatic changes in the landscape. While regular, self-propagating malware is decreasing dramatically, as it is no longer effective and cannot fly under security radars, the region will see the growth of new cybercrime models in the upcoming year. While comparing the overall number of mass cyberattacks in 2021, security researchers at Kaspersky noticed a 7,5% decrease in Nigeria, a 12% decrease in South Africa and an unprecedented 28,6% decrease in Kenya. The reason for such a change was the introduction and popularisation of new cybercrime models in the region, with cybercrime tools becoming more targeted along with a long-running trend where malware ...