About Over 50 Articles Library

Computer Security No 51: Intercontinental hotel chain - stolen paycards data

Corporate - Private Computer Security

Intercontinental hotel chain - stolen paycards data

 

"Front desk cash registers at more than 1,200 hotels in the InterContinental Hotels Group, which includes the Holiday Inn and Crowne Plaza brands, were infected with malware that stole customer debit and credit card data between September 29, 2016 and December 29, 2016, the company said.

InterContinental originally said only a dozen properties were affected, but has now expanded the list."

Holiday Inn, Crowne Plaza, Hotel Indigo, Candlewood Suites and Staybridge Suites were affected.

The company suggests that anyone who stayed at one of its properties during the time period the malware was present review their payment card statement for any unauthorized activity and report the charges to the credit card issuer.

(source: usatoday; image source: hackread)

Russian hacker selling Ransomware-as-a-Service on the Dark Web

DevBitox (Russian hacker) is selling a RaaS (Ransomware-as-a-Service) named Karmen on the Dark Web forums.

Features:

* Price: it costs only $175.

* It encrypts files on PCs with AES-256 (a strong encryption algorithm) until the victim pays the money.

* The new version has a web-based control panel with a user-friendly dashboard that allows users to configure personalised versions of Karmen.

* It deletes its decryptor if a sandbox environment is detected.

So far, 20 users have purchased it and three left very positive reviews.

Is someone trying to build a botnet on Google Play?

Check Point researchers discovered malware called FalseGuide in a number of apps on Google Play. The apps were uploaded to the store in November 2016, and it is now estimated that nearly 2 million users were infected.

The malware was hidden in more than 40 guide apps for games with the last one being uploaded in February 2017.

"FalseGuide creates a silent botnet out of the infected devices for adware purposes. A botnet is a group of devices controlled by hackers without the knowledge of their owners. The bots are used for various reasons based on the distributed computing capabilities of all the devices.

FalseGuide requests an unusual permission on installation – device admin permission. The malware uses the admin permission to avoid being deleted by the user, an action which normally suggests a malicious intention."

It all goes downhill from here, as the device can be used to conduct DDoS (Distributed Denial of Service) attacks, penetrate private networks, etc.

Check Point has provided a full list of malicious apps hiding FalseGuide, which posed as guides for FIFA Mobile, Criminal Case, Super Mario, Subway Surfers, Pokemon Go, Lego Nexo Knights, Lego City My City, Ninjago Tournament, Rolling Sky, Amaz3ing Spider-Man, Drift Zone 2, Dream League Soccer, and many more.

What you can do: download only apps that are trusted and do not allow apps to gain admin permissions; keep an antivirus on your device; avoid Wi-Fi hotspots; don't click on links sent to your phone via SMS or MMS.

(image source: Bleeping computer) (info source: Check Point)

Cyber Security & Privacy suite for Directors and Executives

Are you prepared to discuss cyber at Board level? Are you aware of your obligations and defence as a director or officer of the company? Have you taken the necessary steps to mitigate the consequences of a cyber attack?

ABG offers the Cyber suite of course modules:

- Cyber threats and defences Module - Tactical plans

- Directors and Officers Module - Strategy

- Risk Management Workshop for Cyber

- Cyber Crisis simulation

Send your enquiries to admin@advisoryboardsgroup.com

Ransomware discussion (Part 3)

The ransomware discussion, covering ways to prevent it or deal with it if it happens, appears in the odd-numbered fortnightly Newsletters (Corporate Security).

Symptoms of infection:

* you cannot open files and get errors that a file is corrupted

* alarming message to pay ransom or instructions on how to pay to unlock your files

* a program that counts down until the ransom is increased or you won't be able to access your files

* a window opened to a ransomware program and you can't close it

* you see files in all directories with names such as HOW TO DECRYPT FILES.TXT
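The last symptom can be checked with a script. The following is an added example, not part of the original newsletter: it walks a folder tree and reports note-like file names that repeat across most directories. The keyword pattern, thresholds and sample tree are assumptions made for illustration.

```python
import os
import re
import tempfile
from collections import defaultdict

# Assumed keyword pattern for ransom-note style file names (illustrative, not exhaustive).
NOTE_PATTERN = re.compile(r"(decrypt|restore|recover|ransom|read[\s_-]?me)", re.IGNORECASE)

def find_repeated_notes(root, min_dirs=3, min_fraction=0.5):
    """Return {name: (dir_count, fraction)} for note-like names present in many directories."""
    seen = defaultdict(set)
    total_dirs = 0
    for dirpath, _dirnames, filenames in os.walk(root):
        total_dirs += 1
        for name in filenames:
            if NOTE_PATTERN.search(name):
                seen[name.upper()].add(dirpath)
    findings = {}
    for name, dirs in seen.items():
        fraction = len(dirs) / total_dirs
        # One README in one folder is normal; the same note in most folders is not.
        if len(dirs) >= min_dirs and fraction >= min_fraction:
            findings[name] = (len(dirs), round(fraction, 2))
    return findings

def build_sample_tree(root, infected):
    """Constructed sample data: four folders, optionally with a note dropped in each."""
    for folder in ("docs", "photos", "docs/tax", "music"):
        path = os.path.join(root, folder)
        os.makedirs(path, exist_ok=True)
        with open(os.path.join(path, "file.dat"), "w") as fh:
            fh.write("sample")
        if infected:
            with open(os.path.join(path, "HOW TO DECRYPT FILES.TXT"), "w") as fh:
                fh.write("constructed placeholder note")
    with open(os.path.join(root, "docs", "readme.txt"), "w") as fh:
        fh.write("ordinary readme")

def demo():
    """Run the sweep over a clean and an affected constructed tree."""
    with tempfile.TemporaryDirectory() as clean, tempfile.TemporaryDirectory() as hit:
        build_sample_tree(clean, infected=False)
        build_sample_tree(hit, infected=True)
        return find_repeated_notes(clean), find_repeated_notes(hit)

if __name__ == "__main__":
    clean_result, hit_result = demo()
    print("clean tree:", clean_result)
    print("affected tree:", hit_result)
```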

Infection vectors:

* Email vector: a disguised email attachment; the file can have multiple extensions. This is the most common way to become infected with ransomware.

* Drive-by-Download: the users visit a compromised website with either an old or unpatched browser or an unpatched third-party application. The compromised website runs an exploit kit which checks for known vulnerabilities not yet patched by the vendor.

* Free Software Vector: offer of a free version of a software package, which can come as "cracked" versions of expensive games or free games, game "mods", adult content, screensavers, etc. Example: players are offered a Minecraft "mod" which, when installed, allows a sleeper version of ransomware to be installed that activates later. Examples: Adobe Flash

(source: knowbe4)
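A mail filter can check for the multiple-extension disguise described under the email vector. The following is an added example, not part of the original newsletter: it parses a raw message and flags attachments whose name shows a document-style extension in front of an executable one. The extension lists and the sample message are assumptions made for illustration.

```python
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Assumed lists for illustration; tune them to local mail policy.
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "js", "jse", "vbs", "wsf", "hta", "lnk", "pif"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png", "zip"}

def classify_attachment(filename):
    """Return a reason string if the name hides an executable behind a decoy extension."""
    parts = filename.lower().split(".")
    if len(parts) < 3 or parts[-1] not in EXECUTABLE_EXTS:
        return None  # single extension or harmless final extension
    decoys = [p for p in parts[1:-1] if p in DECOY_EXTS]
    if not decoys:
        return None  # e.g. "tool.v2.exe": dotted name, but nothing poses as a document
    return f"decoy .{decoys[-1]} before executable .{parts[-1]}"

def scan_message(raw_bytes):
    """Parse a raw message and list (filename, reason) for flagged attachments."""
    msg = BytesParser(policy=policy.default).parsebytes(raw_bytes)
    flagged = []
    for part in msg.iter_attachments():
        name = part.get_filename()
        reason = classify_attachment(name) if name else None
        if reason:
            flagged.append((name, reason))
    return flagged

def build_sample_message():
    """Constructed sample mail; attachments contain harmless placeholder bytes."""
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Outstanding invoice"
    msg.set_content("Please see the attached invoice.")
    for name in ("invoice.pdf.exe", "photo.jpg", "report.docx.scr", "notes.v2.txt"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reason in scan_message(build_sample_message()):
        print(f"FLAG {name}: {reason}")
```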

To be continued in Newsletter #53.

Moderated by Monica Schlesinger: www.advisoryboardsgroup.com.au

© About Over 50s 2017