CYBER SECURITY NEWS – January 2022



Malware: RedLine Stealer

A security company investigation found warnings about the malware known as “RedLine Stealer”. Users who saved their passwords in the browser are particularly endangered, the report said.

RedLine Stealer, a software that targets credentials and login data, is not actually newly discovered, but is popular with cybercriminals because it is easily distributed and effective. This malware was developed in Russia and sold in cybercrime forums for $150-200.

According to the report, this malware targets passwords saved by using the easy sig-in feature of web browsers. According to a given example, a user’s logon information stolen with a RedLine Stealer was used to access the company’s network despite having a security package installed on the system and could not be detected by malware security software.

RedLine Stealer targets the “login data” file found in all Chromium-based web browsers and appears as a trojan.

NEW OF THE MONTH
Data Leak in Logo Software!

Data leakage occurred at Logo Software, which provides digital solutions such as ERP, CRM, HRM, accounting software to companies. The data breach was announced on the Personal Data Protection Authority (KVKK) website.

What data leaked?

According to a statement from KVKK, Logo Software’s customers’ name, surname, title, ID no, tax no, communication, finance, and customer transaction information were seized. It has not yet been determined how many people’s data has been compromised.

  • A person sends an email to the data controller stating that he wants to discuss a data leak incident, after which an online conversation was conducted with the person concerned, and the data allegedly leaked by the person concerned was forwarded to the data responsible,
  • As a result of the examination, it was determined that the data belonged to the data responsible systems and that the violation was committed by unlawfully obtaining it,
  • The determination of all the details of the violation continues with the expert organizations and a criminal complaint has been filed with the Gebze Public Prosecutor’s Office,
  • Contact groups affected by the breach are users and customers/potential customers,
  • It is thought that the data responsible of the affected data may have name, surname, title, TC ID, tax ID, contact, finance, and customer transaction information of the customers of the individual company.

TIP OF THE MONTH
What should we pay attention to for safe browsing on the internet?

Don’t click on every link!

If you DON’T CLICK on links, there’s very little chance of infection. You shouldn’t click on ads that promise bids that are too good to be true. You should also be wary of misleading popups.

Be selective when downloading!

Downloading more programs for your work increases your chances of infecting harmful content. Be careful what you downloaded.

Download only from secure sources!

For your safety, when you need to download something, choose to download from the developer’s web page rather than the file download sites.

Always check site name!

In some cases, you may be asked to click on the link and pay, often going to addresses like the real one. They usually try to trick you by making a change to than name of the original site.

Don’t open things you don’t trust!

A virus or worm can’t harm you unless you open a malicious program. That is, downloading only one file does not pose a danger to you. If you think the file is unsafe after downloading, do not open or delete its contents directly until you verify it.

Check and aware of file extensions!

Be very careful about executable (exe) files. Malicious files try to deceive you by using misleading extensions such as “.txt.vb” or “. jpg.exe”.

Don’t spread your email address!

If a site wants your email address, it may be malicious. Your inbox may be filled with spam. Do not give your corporate email address to any site if possible.

Use a secure internet connection!

It is very risky for email, banking, and social media transactions of public Wi-Fi networks such as cafes, airports or hotels. Smartphone, laptop, tablet, or public computer, connect to networks you always trust whatever you’re using.