Latest Posts

The Mauritian Cybercrime Online Reporting System (MAUCORS) Launched


The Mauritian Cybercrime Online reporting System (MAUCORS) was launched today, Thursday, March 15, 2018 at The Meridien Hotel. With increase of cybercrime nowdays, the Ministry of Technology, Communication and Innovation found it necessary to have a centralised online reporting system so that the general public can report cybercrime incident. This will help CERT-MU to manage and respond to these complaints more easily and in a quicker way.

The user friendly portal also provide news and educational articles relating to cybercrime.

When reporting an incident, one shall provide some personal information such as name, email address, phone number, NIC number, etc. which will be used in accordance with the Data Protection Act 2017 of Mauritius. The information are required so as to

  1. To help us in identifying you while using the MAUCORS website;
  2. To enable you to report an incident to the website;
  3. Statistical Analysis
  4. Improving our service
  5. Requesting feedback from you
After reporting an incident, a link will be sent to the person’s email address so that he/she can check the status of the report later.

For more information or to report an incident, please visit the website:
MAUCORS: maucors.govmu.org/

The University of Mauritius Website Defaced By AnonPlus


A hacking group going by the name of AnonPlus has defaced the website of the University of Mauritius. The defacement page had the AnonPlus logo only. This was publish on the official Twitter account of AnonPlus. At the time of publishing, the website was unreachable

.

Source:[AnonPlus Twitter]

Petya Ransomware Causing Massive Attack

Thousands of computers around the globe have been hit by a new ransomware called Petya. Similar to WannaCry, the new ransomware is using the Ethernal Blue exploit as one of it mean to propagate itself inside network. After infecting the computers, victims are asked to pay $300 in bitcoins to regain access to their machine.
Several high profile firms have already been affected by the new ransomware. In Ukraine, the Ukraine’s central bank, the Kiev Boryspil Airport, Ukrenego electricity supplier, municipal metro, and state telecom have been attacked.

The international logistics company MAERSK has announced on its twitter account it has fallen victim of Petya ransomware.

 Researchers from Hacker Fantastic have noticed that the encryption process takes place after the infected windows device is rebooted. If devices are not powered on again, files will not be encrypted.

University College London (UCL) Suffered a Major Ransomware Attack


The University College London was hit by a major Ransomware attack on June 15 2017. The Ransomware infected personal and shared drives in the network and the UCL's information Security Team is working with the affected users to identify the exact source of the infection.
According to press release of the University, this could be a zero-day attack as the virus did not show any suspicious activity.

"We are continuing to investigate the infection that is affecting UCL users. Our current hypothesis is that the malware infection occurred through users visiting a website that has been compromised rather than being spread via email attachments. However this remains unconfirmed at the moment."

The security team later confirmed that the attack was not via email but by visiting infected website.
"We have continued to analyse the infection across the UCL filestore and the method of infection this is still ongoing. We have not seen any more users affected by the malware. We no longer think the infection came from an infected email but from users accessing a compromised website. Please be vigilant if you notice an unexpected popup or other unusual behaviour when you access a website close the browser and report it to Service Desk."

At the time of writing, the Security team were still restoring the infected drives.
Source: [UCL ISD News]

Beware of Fake Wannacry Protection Apps on Google Play Store


Researchers from MacAfee came across a series of rogue apps on Google store posing as Wannacry protectors. Wannacry is a Ransomware which affects Windows operating system only. But, cybercriminals are taking advantage of the trending topic to trick Android users into installing fake Wannacry protectors on their devices.

These applications are loaded with ads and once installed, they advertise sponsored applications, encouraging users into installing them. These sponsored applications may contain other malware. We advise our readers to follow the tips provided by MacAfee before installing any application:

Be careful what you download
 Don’t download anything for WannaCry protection unless it’s from a trusted security provider. More importantly, if the issue does not affect your type of operating system, don’t download anything you don’t need to.

Read app reviews.
Before you even download an app, make sure you head to the review section of an app store first. Take the time to read the reviews, and keep an eye out for ones that mention that the app is falsely advertised, or has had issues with security. When in doubt, avoid any app that seems remotely fishy.

Use a comprehensive security solution.
Whether the newest cyberattack is after your computer or your mobile devices, make sure you cover all of them with a comprehensive security solution.

Source:[McAfee]

WannaCry: The Global Ransomware Attack

By now, the ransomware cyber-attack which started on Friday has infected more than 200 000 computers in 150 countries, and, as per security researchers, this number will continue to rise. The ransomware, which is known as Wannacry, mainly target old or unpatched Microsoft Windows operating system by locking the device. To unlock the device, the user must pay a ransom of $300. This piece of malware lock the computer by encrypting its hard disk, preventing users from getting access to their files. They are presented with a screen where steps of how to decrypt their device is published. Big companies such as British NHS, FedEx and Telefonica have fallen victims of the cyber-attack.

Hackers behind this attack has been using EthernalBlue, an exploit developed by the NSA to identified flaws in Microsoft SMB protocol, and which was leaked in the dark web by a hacking group called Shadow Brokers. Microsoft released an update to patch the vulnerability on its newer version in March. Many users and administrators have failed to apply the updates, making it easier for the ransomware to spread more quickly.  As many small businesses and individuals are still using older version of operating system, Microsoft took an unusual step by releasing updates for Windows XP, Windows 8, and Windows Server 2003 so that all users can patch their system.

We advise our readers to apply the patch released by Microsoft as soon as possible and not to open any files received from an unknown source.

Microsoft Updates Catalogue [Click Here!]

Visitors

Free counters!

Translate

MauriHackerS - Providing Latest IT Security and Hacking News !