Weekly News Roundup 28/11/2016

Ransomware delivered by social media, Australia’s cybersecurity could be better, Jim’s Group suffers from security breach.

Ransomware via Facebook and LinkedIn.

Cyber criminals have developed a technique to distribute ransomware via the Facebook and LinkedIn social networks using specially crafted image files. The “Locky” ransomware was previously spread using infected macros within a Word file, but by exploiting a flaw in the way social networks handle image files, the hackers have now found a way to distribute the malware through the massive channel of social networks.
While browsing Facebook or LinkedIn, users may notice a file that has been automatically downloaded. This file must never be run as it will likely contain the Locky Ransomware or similar malicious code.

For the original story on Ars Technica, click here.

EZiWireless uses and recommends Cryptoprevent Premium to keep ransomware at bay.

Australia’s Cyber Security Minister says we should be doing better.

Dan Tehan, Australia’s first Cyber Security Minister, addressed parliament to acknowledge the holes in the national defence against online threats to business, infrastructure and government systems.
Tehan stated that in the event of a catastrophic cyber attack, the public would be justified in asking how the government failed to meet the responsibility of protecting the nation against malicious attackers.

“We are naive to think that in Australia we are immune to any such threats,” he said.

More from the SBS website here.

Jim’s Group customers targeted in email scam.

The garden services empire seems to have had a security breach in which hackers were able to access a client database of at least one branch and used the information to send emails demanding payment of an invoice linked in the message. The link downloads a potentially malicious file to the victim’s computer, which is suspected to install and run ransomware.
The invoices carry the branding for Jim’s Building Inspections and the fake invoices tend to be a couple of hundred dollars.
Users are reminded to never open unexpected email attachments.

Full story from ABC here.