Bitglass Security Spotlight: Google, SynAck, & Drupal

This post was originally published here by Jacob Serpa.

Here are the top cybersecurity stories of recent weeks: 

  • Google improves G Suite’s collaboration capabilities
  • SynAck ransomware evades antivirus software
  • Drupal websites subject to cryptojacking
  • Nigelthorn malware targets facebook users to mine cryptocurrency
  • 211 LA County exposes 3.2 million files through AWS misconfiguration

Google improves G Suite’s collaboration capabilities

Google has recently revamped its ability to integrate with a variety of other cloud services in an effort to bolster its position as a leader in collaborative cloud services. G Suite was recently found to be trailing Office 365 in enterprise adoption – more than two times as many organizations have chosen Microsoft’s offering as Google’s.

SynAck ransomware evades antivirus software

The SynAck ransomware has resurfaced in a new and improved form. The threat is now capable of employing the Process Doppelgänging technique. This means that the ransomware can hide its nefarious activities through code injection on Windows machines, inhibiting antivirus software’s ability to detect it.

Drupal websites subject to cryptojacking

Drupal-based websites have been exposed by vulnerabilities in the underlying Drupal platform. Malicious parties have been leveraging said security gaps in order to infiltrate websites and use them to engage in malicious cryptomining. This trend of cryptojacking is becoming fairly commonplace. 

Nigelthorn malware targets facebook users to mine cryptocurrency

New malware called Nigelthorn is infecting Facebook users through means like faux direct messages in order to steal their credentials and install scripts for malicious cryptomining. This is similar to the recent Stresspaint malware that also targeted Facebook users’ credentials.

211 LA County exposes 3.2 million files through AWS misconfiguration

Nonprofit organization 211 LA County is the most recent firm to suffer from a misconfiguration in its AWS S3 bucket. The NPO’s security mistake left 3.2 million files publicly available – files that contained personally identifiable information. For those that 211 LA County serves, this means that their personal information has been exposed to potentially nefarious parties.

While malware continues its assault upon the cloud, cloud access security brokers (CASBs) should be used to defend against zero-day threats in any cloud application (whether G Suite or Office 365). To learn more, download the Zero-Day Solution Brief. 

 

Ad
Join over 500,000 cybersecurity professionals in our LinkedIn group "Information Security Community"!

No posts to display