The Cyber News Rundown brings you the latest happenings in cybersecurity news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst and a guy with a passion for all things security. Any questions? Just ask.
Multiple Dutch Banks Fall Victim to Week-long Cyberattack String
Over the last week, several of the largest banks in the Netherlands have been targeted by a string of DDoS attacks that have shut down much of the country’s banking services, affecting millions of customers. Officials have confirmed that no personal data has been compromised, and it appears they have been able to repair their website issues, allowing customers to slowly resume normal banking activity.
YouTube Removes ‘Cryptojacking’ Ads with Crypto Miners
Researchers recently discovered that YouTube has been displaying advertisements that come with a cryptocurrency miner, which is being used to generate revenue for the attackers. In addition to draining the victim’s CPU, the scripts used for the mining process were also generating ads for fake antivirus programs, in hopes of further cashing in on victims. Fortunately, Google was quick to respond and had the malicious ads taken down within a matter of hours.
Tracking Service Displays Military Bases Around the World
With the modern prominence of social media, less and less of our daily activities remains truly private. But how far will it go? When Strava, a fitness activity network that logs the activity of billions of users, posted a global “heat map” showing that activity, it also revealed the locations of dozens of military bases around the world. By viewing the map, it is easy to discover patrol routes, commonly visited locations, and the daily patterns for almost anyone using the app, from anywhere in the world.
Cisco VPNs Contain Severe Flaw
At least ten Cisco devices that run their Adaptive Security Appliance software were found with a flaw so severe that it was given the highest possible vulnerability rating. The vulnerability, which has since been patched, allowed for extremely simple remote exploitation and required no user authorization. Luckily, the flaw is only accessible if the user has enabled the WebVPN functionality on the device, and Cisco provided documentation on how to verify whether it is enabled, and if a device has been affected.
ATM Jackpotting Finally Arrives in the US
While it has spread through Europe and Asia for the past several years, the act of jackpotting an ATM has only recently made its way to the US. Jackpotting an ATM is as simple as gaining access to the device’s hard drive and either swapping it for a compromised drive, or infecting it with malware to give the attacker full control. By disguising themselves as ATM technicians, attackers gain easier access to the ATM and can even return later to quickly dispense the entirety of the ATMs cash reserves.