Weekly Security Roundup #76: It’s All About Ransomware
2016 will go down in history as the year when encrypting malware became the no. 1 threat
It’s been a quiet week on the cyber security front – and by “quiet” we mean “same old ransomware attacks“. Ransomware is the subject that’s been getting everyone’s attention lately, as the number of attacks just keeps growing.
We published a security alert about a new ransomware strain. What’s particular about this one it’s that it claims to donate your ransom to children charity. Emotional extortion much? And of course it doesn’t donate anything, it’s just a social engineering trick to make people pay the ransom.
Another major article, that we’ve been working on for a veeery long time, is this list of tools that you can use to enhance your security and privacy. Last time we counted there were more than 50 free tools – and I’m sure we’ll quickly expand this list.
We also updated one of the most popular articles from our blog (almost 1.000 shares on Linkedin!) : 4 surprising reasons why the CEO is the biggest security risk for the company. Please join the conversation and let us know what’s your opinion on the subject.
Now off to what else is new in the cyber security world:
Security articles of the week
After last year they were advising people to pay the ransom, now they changed their mind. FBI advises you against paying the ransom, as you can never be sure if you’ll receive the key to decrypt your data.
272 million stolen credentials – that means user names and email accounts passwords – are being traded in the Russian “underground”.
Romanian hacker Marcel Lazăr Lehel, also known as Guccifer, explains how he breached Clinton‘s email server.
(spoiler alert: just like he breached any other email servers)
Balance between user’s security and comfort should become a priority to companies that commercialize Internet of Things products.
An electric and water utility from Michigan shut down its IT systems for a whole week because of a ransomware attack.
Hit with fake ransomware? The odds are small, but there’s still a possibility that it happened. Here’s how you can easily tell.
OpenSSL released some patches that fix severe security flaws. Two of them allowed cybercriminals to decrypt HTTPS traffic or execute malicious code on a web server.
How cybercriminals are using victim’s location to craft out customized scams and increase their odds to succeed.
They also want to find out all the personal information they can find out about you.
Blame it on the victim:
“[…] many organizations are still doing security like they were decades ago. The leading cause of reported data breaches is “miscellaneous errors” – mistakes made by employees – that open the door to attackers.”