CSTI
    vulnerabilityThe Commercial Era (2010-2019) Daily Briefing Landmark Event

    Cryptojacking Surge and DDoS Attacks Mark February 13, 2018

    Tuesday, February 13, 2018

    Today, the cybersecurity landscape is significantly impacted by a surge in cryptojacking incidents linked to a compromised accessibility plugin known as BrowseAloud. Reports indicate that over 5,000 websites, including several government sites in the UK, have fallen victim to this malware. The result is a staggering 1,200% rise in cryptojacking activities. This surge not only highlights the vulnerabilities associated with third-party plugins but also raises concerns about the security of web applications and their potential for exploitation.

    In addition, this morning, Dutch banks and the national tax office are experiencing a series of distributed denial-of-service (DDoS) attacks. These attacks, ongoing since the start of February 2018, emphasize the persistent threat to financial infrastructure. The increasing frequency of DDoS attacks targeting such critical institutions underscores the need for robust defensive measures and incident response strategies.

    Overnight, a critical vulnerability (CVE-2018-4878) in Adobe Flash Player is being exploited in a large-scale spam campaign. This vulnerability allows attackers to execute arbitrary code on unpatched systems, further complicating the cybersecurity landscape. Organizations are reminded of the importance of timely software updates to minimize exposure to such risks. The incident reflects ongoing challenges with legacy software and the necessity for comprehensive patch management policies.

    These incidents collectively illustrate the dynamic and increasingly complex landscape of cybersecurity challenges faced by organizations in early 2018. The rise in cryptojacking not only poses immediate threats to affected websites but also signifies a shift in cybercriminal tactics towards exploiting computational resources for profit. Likewise, the DDoS attacks reveal vulnerabilities in critical infrastructure, necessitating enhanced protective measures for financial systems. With the Adobe Flash vulnerability serving as a reminder of the persistent risks associated with outdated software, organizations must prioritize security hygiene and proactive risk management to navigate these challenges effectively.

    Sources

    cryptojacking DDoS Adobe Flash cybersecurity