
This week, Apple faces yet another piece of malware, Eleanor, that is tarnishing its “untouchable” reputation; PoS malware attacks hit another hotel chain; and a critical vulnerability affecting all Windows users was patched on Tuesday.

Highlighting the cyber-security news from the past week in a 120 sec. read. Starting now.


Mac Malware

A new piece of malware, dubbed Backdoor.MAC.Eleanor, has been detected. It targets Mac users through a file converter application distributed via reputable websites offering Mac software.

Why is this significant?

  • Eleanor is a multi-faceted piece of malware that gives the threat actor the ability to execute commands and scripts, steal or modify files, and enable the webcam to take pictures. Malware is always created with specific targets in mind. This type of tactic could be used in a cyber-espionage style of attack, creating a huge mess if original files such as company IP or M&A plans are stolen or modified.
  • "The Eleanor malware has three components: a Web service with a PHP application, a Tor hidden service that allows attackers to connect to the affected systems over the Tor anonymity network and an agent that posts the Tor access URLs for infected systems to the Pastebin website."
  • Apple's Mac "untouchable" reputation has been touched recently, as we have started to see more malware sliding past detection.  Nothing is 100 percent safe and infiltration is inevitable. Yes, also on Mac devices.


Read the full story on PC World

Breaches

PoS malware hits Omni Hotel.

Why is this significant?

  • This PoS attack was discovered May 30, and the malware is assumed to have been injected into Omni's system back in December 2015, demonstrating the huge delay in detection and response.
  • This year, PoS attacks have hit Trump Hotels, Hard Rock Hotel & Casino, Hyatt Hotels, Starwood Hotels & Resorts Worldwide and Hilton Worldwide Holdings, as well as Wendy's & Noodles & Co., just to name a few.  The number of PoS attacks is increasing and the majority of PoS malware attacks go undetected by the current security solutions these companies trust.  Unfortunately, in the majority of PoS attacks, the credit card companies are identifying suspicious activity on their customers' accounts and then notifying the restaurant chain, retailer, casino or hotel of a possible breach.  The investigation then starts, determining that the malware has exfiltrated more customers’ data than they originally reported, as well as the fact that the malware was left undetected for a number of months prior to the investigation.
  • Omni Hotel has decided to withhold the number of locations that were affected, playing it safe. There have been many cases in which a company reports a certain number of locations affected by PoS malware and then, a few weeks later, releases the true number, which in some cases is three times the originally reported figure. Not to mention, once PoS malware has infiltrated the enterprise, there is a chance of it hitting again.


Read the full story on CSO Online

Vulnerabilities

A critical vulnerability was patched that affects every version of Windows, including Windows Vista and later as well as Windows Server 2008 and later.

Why is this significant?

  • This critical vulnerability allows an attacker to install malware utilizing the printer, and use it for a man-in-the-middle attack to inject malware.
  • If this Windows weakness is exploited, it would give an attacker free rein over an operating system.
  • "Normally, User Account Controls are in place to warn or prevent a user from installing a new driver. To make printing easier, an exception was created to avoid this control." The irony is that the very tools that are supposed to be protecting devices are now being accessed by threat actors.

Read the full story on ZDNet