

WannaCry 2.0 In The Making?
After the disaster WannaCry caused across global cyberspace last year, and the ongoing fiasco of cyber-attacks involving the name, these attacks are unlikely to end here.
WannaCry is being experimented with to create even more powerful attacks and techniques.
As the most impactful attack worldwide, WannaCry set a historic example of both the monetary losses and the physical damage a cyber-attack can cause. This standardized malware, aimed at Windows machines, hindered real-life activities such as employees getting to work and patients receiving speedy medical treatment.
The damage currently being caused by the WannaCry 1.5 phase is an indicator of the approaching WannaCry 2.0 phase, which is getting ready to unleash its malicious tactics for ransom-hungry hackers to use.
WannaCry 2.0 seems real because attackers have the following advantages:
1. Delayed Patching
Organizations fail to apply the available patches on time. The patch for EternalBlue, released in March 2017, is an example of delayed patching: organizations were still being affected by EternalBlue in May 2017 because they had not patched in time.
2. Consistency in Hacking
Hackers don’t seem to be resting at all. New zero-day and one-day vulnerabilities are being found every single day. Hackers are being inventive and trying to create hacking and ransomware campaigns as big as WannaCry.
Government Agencies under pressure
Government agencies are under massive pressure as global cyberspace turns into a battlefield, threatening national security and exposing the confidential data of organizations. Government organizations responsible for keeping cyberspace safe for general use must take heightened precautions to make sure any vulnerabilities found in the system are not leaked or exploited by attackers. These confidential, exploitable vulnerabilities could yield catastrophic results if hackers gain access to them.
Several vulnerabilities and pieces of code leaked from government organizations have already been accessed and exploited by hackers. WannaCry and EternalBlue are two major examples of ransomware exploiting this leaked data. Spreading at an exponential rate, this leaked code invites not only ransomware attacks but also crypto miners like Monero. The pressure on organizations to set up a strong defense plan is therefore growing more intense with every passing day.
Guide for Enterprises and IT professionals
The speedy overnight patches required by these fast-leaking vulnerabilities have pressured enterprises to seek help from IT professionals. Mass-scale exploits like the Careem data breach and the NADRA data breach, along with ransomware like EternalBlue, targeting institutions, employees, customers and stakeholders, have put IT professionals on edge to find speedy solutions for every vulnerability they detect.
Security professionals should keep these things in mind to mitigate threat factors:
• Understand vulnerability databases
IT professionals need to conduct detailed analysis and testing of any vulnerabilities they find and demonstrate how each problem will affect the organization. They should focus on the risk factors and determine the severity of every vulnerability. They should then help the organization decide on an action plan against the threat and suggest solutions to the problem.
• Out-of-the-ordinary workflow
Timely patching is hard for organizations with a heavy workload. However, that doesn’t lessen the importance of patching. To safeguard all the hard work that goes into running a business successfully, it is recommended to dedicate a team of tech experts fully focused on mitigating threat factors. The dedicated team can run timely testing and apply any patches and software updates that become available in response to newly discovered threats.
If you think you are a victim of a cyber-security attack, immediately send an email to info@rewterz.com for a rapid response.