Weekly Security Roundup
The most important cyber security news of the week, hand-picked and summed up
This week we’ve updated our guide with all the essential security blogs and websites you may want to follow and dive deep into the world of cyber security. You will find plenty of inspiring resources, from small to big blogs and websites, to independent researchers and experts, big names, media publications or security vendors to help you keep up to date with all the cyber security news.
We also wrote an in-depth article on biometric authentication, and everything you need to know about this technology. If you’re planning on purchasing an iPhone or other device with facial recognition, this blog post will come in handy.
Ready for the weekend? Keep calm and read some of the most important news in our weekly cyber security round-up.
Probably the most important news of this week is the announcement of the WPA3 protocol, the long-awaited next generation of wireless network security. The new Wi-Fi security standard will be available for both personal and enterprise wireless devices later this year, and aims at strengthening online safety for everyone.
If you’re planning on improving your cyber security skills, networking, and meeting new people from this industry, conferences are always a good idea. The State of Security compiled this useful list of the top conferences in information security you may want to attend.
iPhone user? You should know that Apple already released an updated version of iOS, namely 11.2.2, with security fixes to address Intel’s recent vulnerabilities. This version can be downloaded for free on all eligible devices over-the-air in the Settings app. To access the update, go to Settings –> General –> Software Update.
Microsoft published the January 2018 Patch Tuesday security updates, with fixes for 56 vulnerabilities and three special security advisories with fixes for Adobe Flash, for the Meltdown & Spectre flaws, and for a zero-day.
A group of researchers from the Ruhr University Bochum in Germany discovered a security flaw in the popular messaging app WhatsApp that could allow hackers to spy on private group chats. Researchers said “that anyone who controls WhatsApp’s servers could effortlessly insert new people into an otherwise private group, even without the permission of the administrator who ostensibly controls access to that conversation”.
We recommend reading the “Botnet Threat Report” from the Spamhaus Project, a non-profit which, among other activities, keeps track of botnet activity and publishes lists of IP addresses and domains used by botnets for command and control (C&C). Reading this report can help you understand how botnet owners choose hosting providers, top-level domains and domain registrars.
7. Microsoft Says Older Windows Versions Will Face Greatest Performance Hits After Meltdown, Spectre Patches
You’ve probably read a lot of news on this topic, but we also suggest this one. Microsoft has confirmed that users of older versions of Windows should expect to “notice a decrease in system performance” after they apply system patches to protect against the Meltdown and Spectre security flaws.
Security experts share their opinions on how to address one of the biggest cyber threats of this industry: the rapidly increasing cybersecurity workforce shortage.
An Italian security researcher, Roberto Bindi, discovered a flaw in Gmail that could be exploited to shut down Gmail by sending the victim a specially crafted message, preventing the user from accessing his/her email address.
A global survey of infosec decision-makers found 92% of respondents have security policies to manage IoT devices, yet 53% lack sufficient tools to enforce the policies, according to a Forrester Research report. Ten percent of the 3,378 survey respondents lacked any tools at all to enforce the policies, Forrester’s State of IoT Security 2018 report found.
By the way: if you want to see what we’re reading and dive straight into the most important security news from the industry and beyond, we’ve set up a Flipboard magazine just for that. You can browse through it right now.
Before I tell you about the most relevant cyber security news of the first week of this new year, I want to wish you all “Happy New Year” and a very safe and secure 2018! It’s been only 5 days of this year and we have already learned about two major and severe security flaws found in Intel CPUs: Meltdown and Spectre, which are affecting computers worldwide. If you haven’t done it already, we recommend keeping all your devices and applications up to date!
During this short week we published a comprehensive article on doxxing, which is a cyber attack that can ruin your life by discovering the real identity of an Internet user. This article teaches you how you can get doxxed and how you can protect yourself and prevent this from happening.
Here’s what happened in this first week of 2018 in cyber security, as we’ve summed up the most important stories of this week in our weekly security round-up.
You’ve probably read a lot about this topic over the last two days, but we recommend this article, which explains concisely and clearly the main differences between these two security flaws found in Intel CPUs.
New year, new info about another data breach revealed. This time, the United States Department of Homeland Security (DHS) has confirmed the breach of the DHS Office of Inspector General (OIG) Case Management System (CMS), affecting around 240,000 employees in 2014. They may have been impacted by a “privacy incident”, stated DHS.
According to the senior security researcher Kyle Wilhoit, ransomware and DoS attacks will continue to grow and be among the most popular cybersecurity threats in 2018.
Curious to learn more about the cybersecurity trends of this new year? In this article you’ll read some cybersecurity predictions for 2018, which include more and bigger breaches, online proxy wars, GDPR fines and many others.
Do you remember the breach made public in November by Forever 21? The company now said that the affected PoS terminals allowed hackers to install malicious software for nearly 8 months in 2017.
Two researchers have disclosed problems with hundreds of vulnerable GPS services using open APIs and trivial passwords (123456), which resulted in a multitude of privacy issues.
If you are an Android user, we recommend being careful about the apps you download from the online store. Trend Micro researchers informed Google that 36 malicious apps on Google Play are posing as security tools.
8. Apple Confirms ‘Meltdown’ and ‘Spectre’ Vulnerabilities Impact All Macs and iOS Devices, Some Fixes Already Released
Apple confirmed that the Meltdown and Spectre security flaws affect all Mac and iOS devices, and that it has released iOS 11.2, macOS 10.13.2, and tvOS 11.2 updates for them.
Security researchers discovered a new technique practiced by advertising companies to track web users that can’t be stopped by private browsing, clearing cookies or even changing devices.
According to a forecast by Gartner, we can all safely forget about the passwords we use to secure and unlock our devices in the future. Instead, think more of the idea that on-device AI will render password-based authentication obsolete.
This week we published a security alert about a new wave of spam campaigns containing the Emotet banking trojan that can exploit Windows admin rights on users’ PCs. We also included a protection guide to better fight against these online threats.
We’ve updated our article with the most frequent warning signs of malware infection and what you can do about it. Do you recognize any of these scenarios? Be careful and take all the security measures needed. Already in the mood for Christmas? Before you start the party, we’ve summed up the most important stories of this week in our weekly security round-up.
How secure are your passwords? Are you using unique and strong ones? SplashData has released a list of the most popular and insecure passwords users have been using in 2017. Protect your online accounts and avoid using simple and easily breakable passwords like “123456”, “qwerty”, “12345678”, “admin”, or “iloveyou”.
If you haven’t updated your WordPress blog or site, you should do it immediately. WordFence security firm found a severe backdoor that could allow the plugin author or attackers to remotely gain administrative access to WordPress websites without requiring any authentication.
Security researchers discovered that the Lazarus hacker group has “launched a malicious spear-phishing campaign using the lure of a job opening for the CFO role at a European-based cryptocurrency company”.
Security researchers found a new strain of Android malware lurking in fake antivirus and porn applications, which is capable of performing a plethora of criminal activities—from mining cryptocurrencies to launching DDoS attacks.
Researchers say that a hacker called Nexus Zeta created Satori botnet, which is a variant of the Mirai IoT malware that was released online in October 2016.
6. Twitter Just Got More Serious About Two-Factor Authentication. Here’s How to Better Protect your Account
Twitter introduced a new feature that lets users use third-party apps (such as Google Authenticator, Authy, or 1Password) to verify themselves at login. If you haven’t secured your account with two-factor authentication, you can do it now.
The price of Bitcoin has dropped more than 25 percent in four days, so what to expect for the next period? Here’s a perspective of this digital currency over the last years.
Curious to know what happened in the last month of the year in terms of data breaches and cyber attacks? Here’s a very useful list of data breaches and cyber attacks of 2017 with 33.8 million records leaked.
Be extra careful! If you get a video file (packed in a zip archive) sent by someone (or your friends) on Facebook Messenger, do not click on it. Researchers found a new cryptocurrency mining bot which is spreading through Facebook Messenger and targeting Google Chrome desktop users.
Browser lockers (also known as browlocks) are designed to scare but also to create the illusion that the computer has been locked, which is not quite true. “Tech support scammers have been relying on fraudulent pop-ups for many years in order to scare potential victims into calling for remote assistance.”
This week we published a mega-guide about the top online scams for the Holiday season and a protection guide to better spot these Christmas scams. Also, are you still using Adobe Flash? If yes, maybe it’s time to let it go and try other alternatives. This article will tell you how Flash vulnerabilities expose you and what you can do to protect yourself and avoid its critical vulnerabilities.
If you receive emails with attachments that look suspicious, avoid clicking on or downloading them. You could get infected with malware, and nobody wants that!
Read our recent security alert and learn about a new wave of exploit kits that target Microsoft Office vulnerabilities, which attackers use to deliver malware and collect users’ sensitive data.
As usual, we gathered the most important stories of the past days in this weekly round-up, so let’s find out the rest of the cyber security news.
As the price of Bitcoin sets a new record high of almost $18.000 in just a few days, several phishing attempts against Bitcoin-related sites and Bitcoin users have been reported. Bitcoin-related phishing attacks also happened last year, but now they have started to intensify with the buzz around Bitcoin’s pricing.
Researchers from the University of California San Diego (UCSD) designed a prototype system to determine if websites were hacked. They conducted their study and monitored over 2,300 sites from January 2015 to February 2017.
You probably heard by now. Net neutrality is DEAD, as 3 out of 5 federal regulators have voted Thursday to hand control of the future of the Internet to cable and telecommunication companies, giving them powers to speed up service for websites they favor or slow down others.
Security researcher Troy Hunt found a security vulnerability on a banking website and published a detailed article about it. Once again, this is an alarm showing how important it is to read carefully before accessing various websites.
The company 4IQ discovered a single file with a database of 1.4 billion clear text credentials — the largest aggregate database found in the dark web to date. This data breach is massive and quite a bit larger than the previous largest credential exposure, the Exploit.in combo list that exposed 797 million records.
Microsoft has released security updates as part of its monthly Patch Tuesday release train, and this month, the company has patched 34 issues affecting products such as: Microsoft Windows, Office, Office Services and Web Apps, Internet Explorer, Microsoft Edge, or ChakraCore.
US authorities gave details of a guilty plea by 21-year-old Paras Jha from Fanwood, New Jersey, who has admitted creating the Mirai botnet by commandeering hundreds of thousands of vulnerable IoT devices, without the knowledge or permission of their owners.
Researchers at IoT security firm Armis earlier this year found Blueborne, a new group of airborne attacks. The vulnerabilities let attackers take full control of any device running Linux, or an OS derived from Linux, putting the majority of IoT devices at risk of exposure. They provided details and demos of their latest findings at the Black Hat Europe 2017 conference in London.
Cyber security researchers recently discovered a new form of malware, dubbed Triton, which has been used by cyber criminals for the purpose of attacking industrial processes and core infrastructure we all rely upon for supplies such as gas, oil, and electricity.
There’s no doubt that ransomware was one of the biggest attacks of this year. Another year is just around the corner, and it’s time to look back and see the 5 biggest ransomware attacks of 2017: Wannacry, Petya/nonPetya, BadRabbit or Locky.
We’ll probably hear about some of these threats in 2018 as well.
Curious to read what happened this week in the industry? Here are the most important stories of the past days in our weekly security round-up. Grab your tea or coffee and read below the summary of an intense week in cyber security.
The most important story of this week was probably the one about a security breach suffered by NiceHash, one of the most popular crypto-mining marketplaces. The stolen money was tracked to a single Bitcoin wallet and the amount was estimated at $70 million.
Let’s see all the stories of the week.
December is here, which means that this year is almost over and it’s also time for some security predictions for 2018. According to the Kaspersky Security Bulletin, we should expect to see more supply chain attacks next year, high-end mobile malware, more router and modem hacks, and many other cyber attacks.
If you are using WordPress, it is recommended to check for recent updates. Nearly 5,500 WordPress sites were infected with a malicious script that logs keystrokes and sometimes loads an in-browser cryptocurrency miner.
Bitcoin’s value doesn’t seem likely to stop climbing anytime soon. It just hit $15,000 for the first time.
Last week, Uber made an announcement about a massive data breach in October 2016 that affected the personal data of 57 million customers and drivers. New information emerged saying that the company paid a huge amount to a 20-year-old Florida man to destroy the data and keep the data breach secret.
NiceHash, one of the most popular crypto-mining marketplaces, has apparently suffered a security breach that resulted in around $70 million in Bitcoin stolen.
31 million users of a third-party smartphone keyboard app called ai.type saw their personal data exposed due to an unprotected online database. Only Android users were affected by this security breach.
A new report finds that Android ransomware kits are on the rise in the dark web, with a median price 20 times higher than the $10 median price of Windows ransomware kits.
Are you using Windows operating system on your computer? You need to apply updates immediately, because there is a critical remote code execution (RCE) vulnerability in its Malware Protection Engine (MPE) that could allow an attacker to take full control of a victim’s PC.
According to PhishLabs, in the third quarter of 2017, nearly a quarter of all phishing sites spotted were hosted on HTTPS domains, almost double the percentage compared to the second quarter.
Data of 1.2 million students is being handed over to the private company BrainCo. The company is using students’ data to create “the world’s biggest brainwave database.”
This week we published an in-depth article about cryptocurrency security in which we tell you true stories to teach you how to safely invest in digital currency.
We also recommend reading the article about things you should not share on social media, be it Facebook or Instagram, and how they can impact your online safety. Also, use this protection guide to make sure you don’t get hacked or suffer important data loss.
Curious to know what happened this week in cyber security? Here are the most important stories of the past days in our weekly security round-up, so keep calm and read the news:
According to the EY survey of nearly 1,200 C-level leaders of the world’s largest and most recognized organizations, 12% of respondents are likely to detect a sophisticated cyber attack. Findings also show that 56% of those surveyed are making or planning to make changes to their strategies and allocate budget for cybersecurity to build stronger resilience to such attacks.
2018 is just around the corner and security researchers at Malwarebytes Labs have compiled a list of predictions likely to impact businesses and consumers in the new year. Among them: cryptojacking is expected to see far more activity in 2018, being a top priority for cybercriminals, and we’ll see an increase in PowerShell-based attacks and online criminals targeting and exploiting more security software.
The transportation company Uber recently admitted they suffered a data breach in 2016 that affected some 57 million customers, including both riders and drivers, revealing their names, email addresses and phone numbers. The company did not report the incident to regulators, but instead preferred to pay “$100,000 to “hackers” to get rid of the data in order to keep the breach under wraps”.
Ransomware attacks are on the rise and will continue to grow in the following years. Some industries will be more targeted than others. Cybersecurity experts predict that ransomware damages will cost the world $5 billion in 2017 and climb to $11.5 billion in 2019.
A recent study from Princeton University has suggested that hundreds of sites record your every move online, including your searches, scrolling behavior, keystrokes and every mouse movement. Researchers analyzed the Alexa top 50,000 websites in the world and found that 482 sites, many of which are high profile, are using a new web-tracking technique to track every move of their users.
Organizations encounter an average of eight DDoS attack attempts per day, up from four attempts a day at the start of the year, said a new Corero Network Security report that tracks DDoS trends from Q2-Q3 2017.
In a recent security alert, Intel described two classes of vulnerabilities in remote management software and firmware that could put organizations’ most trusted data at risk. Systems using ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted. The vulnerabilities – affecting enterprise and consumer computers – exist in a variety of chips that Intel has released over the past several years, including the 6th, 7th and 8th generation Core processors, Xeon processors, Apollo Lake and Celeron processors, said Intel.
Recent reports said that the personal information of almost 1,700 customers has potentially been exposed after builders merchant Jewson suffered a data breach. The exposed data include “names, location, billing address, password, email, phone number, payments details, card expiry dates and CVV numbers” and “may have fallen into the hands of an unauthorised person”.
Mozilla developer Subramanya has revealed the organization’s Firefox browser will soon warn users if they visit sites that have experienced data breaches that led to user credential leaks. Subramanya explained that Mozilla has teamed with haveibeenpwned.com to source data that will inform users.
Imgur, one of the world’s most visited websites, officially confirmed a hack dating back to 2014. The company said the breach didn’t include personal information because the site has “never asked” for real names, addresses, or phone numbers. The stolen accounts represent a fraction of Imgur’s 150 million monthly users.
This week we wrote an article about browser security and analyzed all the ways in which you can browse safely on the Internet, no matter if you’re using Chrome, Edge or the latest Firefox. We recommend reading it to find out more about browser vulnerabilities, including useful tips, advice and best practices for a secure browser.
The most important story of the week was the one about Apple’s Face ID system and how security researchers found a way to hack it using a mask. As usual, we gathered the most important stories of the past days in this weekly round-up, so let’s find out the rest of the cyber security news. Grab your coffee or tea and read on!
We know that the Android platform is more vulnerable to cyber attacks than iOS, and Nokia’s latest Threat Intelligence Report is here to confirm this. According to their findings, Android is by far the most attacked mobile platform with no less than 68.50 percent of the malware specifically aimed at Google’s operating system. It is followed by Windows with 27.96 percent, while the remaining 3.54 percent goes to the “other” category that also includes the iPhone.
If it’s Tuesday, it’s time for Patch day! This month, Microsoft released its security updates and patched 53 vulnerabilities, 19 of which were rated critical. As always, customers are advised to keep their software programs up to date and avoid clicking on suspicious links or malicious attachments.
When Apple announced the new iPhone X, one of its new features was the Face ID system, which makes your face the password to unlock your phone. Now, security researchers have found a way to bypass Apple’s Face ID security system using a mask that cost $150.
Several thousand spambots incorporated quotations from a Star Wars novel into the attack messages they sent out to their targets. Cyber criminals took advantage of the send-to-a-friend forms many companies are using so visitors can share in-site content with their friends.
Forever 21, the American fashion outlet, announced it has suffered a data breach at some of its stores. The cause? The company said “certain point of sale devices in some Forever 21 stores were affected” because encryption “was not in operation.”
According to a new survey, nearly half of 500 IT leaders in the UK, France, Germany and the US believe it is likely that their organisation will face a major, disruptive cyber attack in the next 12 months. While they seem to be “ready” for such attacks, the study found that at the same time they fail to take the right measures.
If you are a Firefox user, you might have noticed some changes in the latest Firefox 57 update, also known as Quantum, released on 14 November.
This next major update comes with an option to turn on Tracking Protection, which—as the name implies—protects you from tracking. Specifically, it stops sites from loading code that can be used to track you across multiple websites.
Malware infections against BYOD and corporate mobile devices are expected to continue to grow, new data shows. According to a Check Point report, businesses have been exposed to mobile malware incidents, noting that 94% of security professionals anticipate actual mobile malware attacks to continue to increase, with nearly 66% doubting they can prevent them.
Android users, beware of what you download from Google Play! A new piece of mobile malware has been discovered in Google Play being disguised as multiple apps: an alarm clock app, a QR scanner app, a compass app, a photo editor app, an Internet speed test app, and a file explorer app.
The most important story of the week was the one about a fake WhatsApp application found in the Google Play store that tricked over a million users into downloading it. Let’s find out what happened in the cyber security industry this week in our weekly security roundup. Grab your coffee or tea and read the news!
We begin our roundup with WhatsApp, as we know it’s one of the most popular and widely used apps out there. Be careful about what you download from Google Play! This scam WhatsApp app was first spotted by Reddit users and was called “Update WhatsApp Messenger”. It appears that the bad guys chose a smart trick to deceive inexperienced app users into downloading it. The app was listed as a product of WhatsApp Inc., which is known to be the real developer of the favorite app.
News about new ransomware doesn’t seem to stop anytime soon. According to security researchers, a new variant of the Crysis/Dharma ransomware has been released. This new version will append the .cobra extension to encrypted files. It is not known exactly how this variant is being distributed.
New information about Equifax has come to light. The company claimed that four top executives did not know about the worst data breach in Equifax history when they collectively sold about $1.8 million worth of shares.
Women in cyber security. If you’re passionate about cyber security, this story might inspire you to follow your path in this industry. Lisa Bobbit from Cisco shares her experience and gives insightful recommendations on how she succeeded and fell into cyber security.
A new study that surveyed 913 IT security professionals found that 18 percent of them still use a paper-based logbook to manage privileged accounts. These findings are significant considering that privileged accounts provide unlimited access to essential IT infrastructure and a company’s most critical and sensitive systems and data.
Here’s another interesting research! A study of dark web markets by Google in partnership with the University of California at Berkeley has found millions of usernames and passwords that were stolen directly through attacks, and billions of usernames and passwords indirectly exposed in third-party data breaches.
Is anything safe these days on the Internet? A total of 2,531 of the top 3 million websites (1 in 1,000) are running the Coin Hive miner, according to new stats from analytics firm Red Volcano.
Hackers have been exploiting a vulnerability found in Microsoft’s software to install malware on business computers. Security researchers discovered that a Russia-linked hacking group known as APT28 has been using a Microsoft protocol called Dynamic Data Exchange (DDE) to run malicious code through a poisoned Word document.
According to a new study, 43 percent of consumers in the US and 46 percent in the UK say they have ‘no idea what AI is about.’ The majority of respondents are optimistic about the potential for AI to manage both personal and professional tasks. However, the data shows the need for more education on the new opportunities AI can create to increase productivity and help build businesses.
Hackers use various methods to gain access and hijack users’ accounts. Research found that phishing is a greater threat to users than keyloggers and third-party breaches. In terms of numbers, researchers have identified 788,000 potential victims of keyloggers; 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches. More findings in the article.
This week we published an article about IoT devices and how many times a person can get hacked in just 24 hours. We recommend reading it to find out an easy-to-follow guide on how to secure settings on these devices.
Now let’s see the major stories of the past days in our traditional weekly round-up. As always, the cyber-security landscape brings new challenges, so read on!
Sometimes it’s hacking, sometimes it’s an extremely unfortunate series of events, coupled with negligence from the user’s part.
This was the case with the Heathrow Airport incident, where an unencrypted USB flash drive was found on a street. The flash drive contained highly sensitive information detailing airport security, anti-terror measures and VIP travel protocols.
Slack is one of the most popular communication platforms nowadays, both for regular users and organizations, but you should also keep a close eye on it. The latest in a series of vulnerabilities is the flawed ‘SAML’ implementation, which affected mostly enterprise customers. Fortunately, Slack also has a generous bug bounty program, so this vulnerability was plugged.
In a twist of events, security researchers now consider the famous Reaper botnet a much smaller threat.
Experts around the world were extremely worried but now assess its size at 28.000 devices, much smaller than first reported. However, due to botnets’ nature, this number could rapidly expand again.
A phishing link made the rounds via Facebook Messenger in countries from Western Europe. It fooled users into thinking they were clicking on a YouTube video, but redirected them through a series of shortened links to a compromised domain. Read on for the full details.
If you run a WordPress site using version 4.8.2 or earlier ones, please update it urgently! These versions are affected by an issue leaving users exposed to potential SQL injection (SQLi). The WordPress core was unaffected, but, as you know, plugins are always vulnerable.
Fifteen Malaysian telcos and mobile virtual network operators (MVNO) were compromised. The news came to light through Lowyat.net, an Internet forum and technology magazine. Editors received a tip that someone was attempting to sell several large databases of personal information on Lowyat.net’s forums.
A malicious Chrome extension is spreading in Brazil, and it’s capable of stealing everything typed inside a browser window. More alarmingly, a chief research officer at Morphus Labs said that Catch-All is the third extension of this type since August.
On November 1st, Bitcoin broke an all-time high, going over the $7000 threshold. Of course, so did malicious hackers’ efforts. A new bitcoin malware attack has co-opted more than $150,000 of this cryptocurrency, using the new attack strain called CryptoShuffler.
After infecting a device, it begins monitoring the clipboard activity. Because of convenience, many users copy and paste the recipient’s wallet ID into transaction destination fields.
CryptoShuffler then intercepts the copied wallet string and replaces it with one sending Bitcoin directly to the attackers.
It’s time to update, because Apple addressed the KRACK Wi-Fi vulnerability for some devices. It was a major one, which allowed malicious hackers to listen to Wi-Fi traffic for passwords and other personal data.
Oh, and there’s also a new emoji.
Want more lists? Here’s a huge one of all the attacks reported this October. As we start November with fresh energy, it’s useful to see what went down the past month and identify trends. As this round-up from IT Governance shows, 55 million records leaked – an alarming, but somewhat predictable number.
This week we published a major security alert, one that should not be overlooked: be careful about Bad Rabbit, a ransomware outbreak delivered through a fake Adobe Flash Update. It’s significantly more threatening than its predecessors like non-Petya or WannaCry, because it also saves the collected information.
This malware spread like wildfire through major organizations in South-east Europe, the US and other territories, compromising the Kiev metro, the Odessa airport and other private businesses.
You will also find in the alert more details about how this ransomware spread and what you can do to protect yourself from it.
With that being said, we gathered the most important stories of the past days in this weekly round-up. Settle back, grab your coffee or tea and see below the summary of a really intense week in cyber-security!
If you thought older Internet users are more at risk for phishing scams, this report will surprise you. According to the UK government-backed Get Safe Online, 11% of younger adults are more likely to be a victim of a phishing attack, compared to 5% in the case of the 55+ demographic. They’re also more likely to lose 3 times more money compared to their peers, in the event of such an attack. See why in the link above.
This troubling figure comes from the Webroot Quarterly Threat Trends Report, which further breaks down the numbers. Every day, 46,000 new phishing sites pop up, the majority of them being online and active for a maximum of 8 hours in order to avoid anti-phishing strategies.
Google is working on a new security feature that could protect your Internet traffic from network spoofing attacks. It’s called DNS over TLS and works similarly to HTTPS, enhancing privacy with end-to-end authenticated DNS lookups. However, if you want to conceal your traffic from your internet service provider, you would still need to use a secure VPN service.
4. Google launched a new bug bounty program to root out vulnerabilities in third-party apps on Google Play
Google is also launching a bug bounty program for Android that will award $1000 for issues that meet its criteria. It’s an important step towards securing the Google Play environment, an area long-plagued by vulnerabilities.
This cyber attack comes from “The Dark Overlord”, the same hacker or group who, back in April, claimed to have stolen not-yet-launched episodes of Orange Is The New Black. The stolen data comprises both patient lists and highly graphic, close-up images showing surgeries performed in this high-end clinic.
In an amazing twist of events in the Kaspersky-Russian hackers affair, Kaspersky shifts the blame onto an NSA employee who pirated Microsoft Office. The NSA employee used an illegal keygen for a pirated copy of MS Office and this keygen was infected with malware. You can’t make this stuff up!
This week marks another major event for cryptocurrency. There was a fork that created a new version of Bitcoin named Bitcoin Gold – there’s now Bitcoin, Bitcoin Cash and Bitcoin Gold to invest in, if you’d like. However, the transition was not smooth, because the official Bitcoin Gold website was accessed 10 million times a minute in a medium-sized DDoS attack. Could the attack come from classic Bitcoin supporters?
Where do links to phishing websites come from? Well, it could be social media, it could be instant messaging and it could also be good old-fashioned email. According to the Proofpoint Quarterly Threat report, the volume of malware emails rose 85%. More alarmingly, a whopping 24% of those emails link to banking trojans. These do more than just steal your money, something we expanded on here.
According to a new Malwarebytes report, conventional antivirus solutions are struggling and failing to protect users from attacks.
We always underlined the importance of multiple security measures to protect yourself: using Heimdal as an essential supplement to an antivirus, practicing safe browsing, using two-step authentication and more.
A security researcher told Motherboard that he warned Equifax about their security gaps.
“All you had to do was put in a search term and get millions of results, just instantly—in cleartext, through a web app”, he says. Unfortunately, we all know that Equifax didn’t heed his warning and the result was millions of people’s data exposed.
This week we published a security alert about brute-force attacks used by online hackers to spread ransomware and compromise users’ systems and valuable information. You’ll also find a set of recommendations and security measures that businesses should use to fight against these attacks.
The story of this week is about the KRACK vulnerability, which was discovered by security researchers and potentially impacts almost every Wi-Fi-enabled device.
Here are some of the other cybersec stories of the week that you’ll find in this weekly roundup:
Adobe released a Flash Player update addressing a zero-day vulnerability that has been exploited by a little-known Middle Eastern APT group, Black Oasis. This vulnerability, CVE-2017-11292, was initially discovered by researchers at Kaspersky Lab, who saw the payload and exploit used against a customer’s network.
According to a recent survey, more than 40 per cent of non-IT/data senior executives admit to not fully understanding blockchain technology, while over half of businesses sampled are planning blockchain initiatives.
Earlier this week, security researchers announced a newly discovered vulnerability called KRACK, which affects several common security protocols for Wi-Fi, including WPA (Wi-Fi Protected Access) and WPA2. It’s a critical vulnerability that potentially affects billions of devices, many of which are hard to patch and will remain vulnerable for a long time.
Researchers have discovered malware crafted to compromise ATMs available for sale on the Dark Web at a high price. Anyone can buy such malware for only $5000 through darknet markets.
Carnegie Mellon University’s Software Engineering Institute has nominated transport systems, machine learning, and smart robots as needing better cyber-security risk and threat analysis. This is part of the Emerging Technology Domains Risk Survey, a project it has handled for the US Department of Homeland Security’s US-CERT since 2015.
In its patch availability announcement, Oracle released security patches to their systems for another 252 vulnerabilities across products including Oracle Database Server and Java SE.
Researchers have discovered a new batch of malicious apps on Google Play, some of which have been downloaded and installed on some 2.6 million devices.
The cyber security expert Troy Hunt discovered a 27GB file called “masterdeeds.sql”, a MySQL database backup file containing a wide range of sensitive information about South African citizens, such as ID numbers, personal income, age, employment history, company directorships, occupation, employer and other personal data. Troy explains on his blog everything he knows about this massive data breach.
There is a new Locky ransomware strain out there that goes by the .asasin extension and is collecting information on users’ computer operating system and IP address.
The University of Kansas was the victim of a data breach in which an engineering student used a keylogger to steal login credentials to the grading platform and change his failing grades to straight A’s.
This week we wrote about cyber attacks and explained why online criminals have switched to more sophisticated attack vectors. They are now using more advanced and complex technology to find their next targets, with the help of the surprise factor.
We also published a security alert about two critical vulnerabilities found in Microsoft when the company released its monthly security updates.
Our new colleague, Ana, published her first article about airline scams, providing useful tips on how users can easily identify and prevent these types of scams. We recommend reading it, especially if you are an avid traveler.
The most important story of this week was the one about the Australian Defence Force being hacked and top secret technical information being stolen from an Australian defence contractor.
Here are some of the other cybersec stories of the week that you’ll find in this weekly roundup:
It seems that the Equifax saga continues. The company’s website might have been, once again, under the influence of attackers, redirecting users to a fake Flash update.
Another big technology company has fallen victim to a data breach and confirmed that it left a massive store of private data across four unsecured cloud servers. This led to the exposure of highly sensitive passwords and secret decryption keys that could have caused damage to the company and its customers.
This article gives details about five bad cybersecurity habits that could lead to devastating consequences for users.
According to IDC, vendor revenue from sales of infrastructure products for cloud IT, including public and private cloud, grew 25.8% year over year in the second quarter of 2017, reaching $12.3 billion.
Felix Krause revealed a method for phishing Apple ID passwords on iOS that would be quite indistinguishable from a real iOS password request. Following this example, Malwarebytes talks about this tactic used in the Apple ecosystem and how this affects users’ privacy.
Malware authors don’t necessarily need to trick users to enable macros to run malicious code. An alternative method exists, one that takes advantage of another legitimate Office feature called Microsoft Dynamic Data Exchange (DDE). It allows an Office application to load data from other Office applications.
For the second time since 2015, Hyatt Hotels has suffered a breach of customers’ payment card data due to attackers infecting its systems with malware.
Top-secret technical information about new fighter jets, navy vessels, and surveillance aircraft has been stolen from an Australian defence contractor. According to an investigation made by the Australian Signals Directorate (ASD), it seems that the company had not changed the default passwords on its internet-facing services. It used basic (and far too simple) passwords: the admin password was ‘admin’ and the guest password was ‘guest’.
DDoS attacks on two separate days have brought down several IT systems employed by Sweden’s transport agencies, causing train delays in some cases.
This new Android ransomware is based on the foundations of a particular banking Trojan, known for misusing accessibility services of the Android operating system. Known as DoubleLocker, it doesn’t have the functions related to harvesting users’ banking credentials and wiping out their accounts.
The most important story of this week was the one about Yahoo announcing more users impacted by its huge 2013 data breach. The company reported this week that the data breach actually might have affected up to three billion accounts, and not 200+ million users as originally said.
Here are some of the other cybersec stories of the week that you’ll find in our weekly roundup:
Another data breach was disclosed. Disqus announced on its official blog that email addresses, Disqus user names, sign-up dates, and last login dates in plain text for 17.5 million users were compromised by a data breach.
In the light of these recent data breaches, the independent investigative journalist Brian Krebs wrote an analysis of what happened at Equifax and Yahoo and said: “Assume you’re compromised, and take steps accordingly.” Worth reading!
The National Lottery confirmed on Twitter that it was the subject of a DDoS attack, and there is no information on whether someone was attempting to blackmail the National Lottery. On Saturday 30 September, www.national-lottery.co.uk and its associated app were made inaccessible by online criminals who flooded the site with traffic.
A recent survey conducted by Dimensional Research found that many companies are not prepared to deal with DNS attacks, and a quarter of the ones that have already been hit reported significant losses.
Google reportedly is planning to provide stronger authentication to politicians, corporate executives and other at-risk individuals as part of a service called the Advanced Protection Program.
The Equifax saga continues. The company announced at the beginning of this week new results of its data breach investigation. The forensics investigators have concluded that some 2.5 million more US consumers were affected by the data breach it revealed early last month, bringing the total number to 145.5 million.
Earlier this week, Yahoo announced that the data breach reported earlier this year did not impact 200+ million users as originally thought. The reality is that up to three billion accounts may be compromised.
The Wall Street Journal reported that hackers working for the Russian government stole confidential material from a National Security Agency contractor’s home computer after identifying files through the contractor’s use of antivirus software from Moscow-based Kaspersky Lab.
Worldwide IT spending is projected to total $3.7 trillion in 2018, an increase of 4.3 percent from 2017 estimated spending of $3.5 trillion, according to the latest forecast by Gartner.
If you are interested in becoming a certified ethical hacker, or penetration tester, here’s a list with five courses and certifications to attend.
This week we’ve published an article about Facebook privacy and security, providing you with a complete guide to everything you need to know to stay safe on this social network.
The biggest story of this week was the one about the global accountancy firm Deloitte, which has been hit by a sophisticated hack. Attackers might have had access to sensitive data such as emails, passwords or business plans.
Here are some of the other cybersec stories of the week that you’ll find in our weekly roundup.
Global accountancy firm, Deloitte, has been hit by a sophisticated hack. The cyber attack went undetected for months and hackers managed to access email addresses, as well as company plans, and the private information of high-profile, blue-chip clients.
There’s a lack of skilled cyber security experts in the industry, and many organizations are still facing it. If you are hiring, focus on the following security skills and your team will be prepared to face and prevent the damage of cyber attacks.
At least one-quarter of all councils – a form of local government – in the United Kingdom have fallen victim to ransomware attacks. The good news is that councils seem to be taking this threat seriously and focus on solid backup solutions.
According to a new study, more than one-third (35%) of IoT device owners do not change the default password on their devices, leaving them vulnerable to attacks. The study also found that only 17% of IoT device owners know what Mirai is.
Researchers have reported an increase in activity for a Facebook-hijacking threat known as Faceliker. It is a type of trojan that’s trying to manipulate users’ Facebook accounts in an effort to generate artificial “likes”.
Europol’s recent Internet Organized Crime Threat Assessment (IOCTA) identifies the main cybercrime threats and provides key recommendations to address the challenges. One of the report’s highlights is that ransomware “has eclipsed most other cyber-threats with global campaigns indiscriminately affecting victims across multiple industries in both the public and private sector”.
Security researcher Manuel Caballero recently discovered a bug in the latest version of Internet Explorer that leaks the addresses, search terms, or any other text typed into the address bar.
An analysis by Duo Labs, the research arm of Duo Security, of more than 73,000 Mac systems found that in many cases the EFI (Extensible Firmware Interface) is not receiving security updates, leaving users vulnerable to attacks.
Whether you are a newbie or a skilled internet user, you can easily become a victim of a scam targeting consumer or enterprise internet users. Here are some useful tips you can use to keep the cyber criminals away.
Malwarebytes discovered a malvertising incident on MSN.com, the Microsoft web portal that attracts millions of unique visitors. “While clicking on a story promoted by Taboola – a leading global discovery platform which Microsoft signed a deal with in 2016 – we were redirected to a tech support scam page. The warning claims that our computer has crashed and that we must call a number for immediate assistance.”
This week we’ve published an article about the CCleaner incident that potentially spread malware and affected 2.2 million people using the infected versions. The other article was about the Equifax data breach, with facts about what happened plus an essential protection guide for users to enhance their online security.
The biggest story of this week was the attack against CCleaner, one of the most popular PC cleaner applications, which was compromised by hackers and potentially infected 2.2 million people. Toward the end of the week, researchers found that the hackers had also targeted large tech firms.
Here are some of the other cybersec stories of the week that you’ll find in our weekly roundup:
Researchers have analyzed the most popular browsers and discovered that Google Chrome is the most resilient against cyber attacks.
A new report from the Internet Society shows its findings on the future cyber security threats and challenges focusing on a few security-relevant issues.
A new Netskope report took a close look at GDPR readiness among enterprise cloud services and discovered that almost three-quarters of cloud services still lack key factors to ensure compliance.
A new update on the CCleaner incident shows that cyber criminals might have also targeted the networks of important tech companies like Intel, Google, Microsoft, Sony, HTC or even Cisco.
A recent study conducted by OnDMARC found that only one of the top 100 law firms in the UK has security measures in place to fight email fraud and fully protect against it. These worrying findings should serve as a warning to UK law firms to take action and protect their sensitive data.
For nearly two weeks, the company’s official Twitter account has been directing users to a fake website securityequifax2017.com instead of equifaxsecurity2017.com, the official one created to inform users about this incident.
The U.S. Securities and Exchange Commission (SEC) said that attackers might have used data they stole in a security breach for illicit insider trading. The Commission doesn’t think this incident exposed personal information or produced systemic risk.
Locky ransomware seems to be making an appearance once again. Security researchers and firms discovered some spam waves that are pushing the new Locky ransomware variant. The method used: encrypting files with the .ykcol extension.
According to the Webroot Quarterly Threat Trends report, “Every month, almost 1.5 million new phishing websites are created.” The report also emphasized that these sites are getting more sophisticated and harder to detect, while the goal is always to trick users into providing their personal information.
An online random survey conducted by ESET among people in the US found that criminal hacking is the greatest threat to Americans’ well-being and that their views on the risk of these threats vary depending on their wealth and age.
This week we wrote a guide to help you understand the difference between antivirus and antimalware programs, their pros and cons, their important features and which one you should choose. We also gave details about BlueBorne, a new attack vector that might infect devices with Bluetooth technology without an Internet connection.
One of the bigger stories this week was the one related to BlueBorne, the new attack vector that might spread malware through Bluetooth-enabled devices without an Internet connection.
Here are some of the other cybersec stories of the week that you’ll find in our roundup:
A survey from WatchGuard Technologies found that with the GDPR deadline set for May 25, 2018, one third of organizations simply don’t know whether or not their organization needs to comply.
The attackers who breached Equifax managed to do so by exploiting a vulnerability in its US website, the company has confirmed.
Beware of LinkedIn scams! A new phishing campaign has been spotted hitting LinkedIn users via direct messages and the LinkedIn InMail feature. These messages have been sent via legitimate LinkedIn Premium accounts hacked by phishers, so they might look trustworthy and get users to click.
A new Android malware variant called ExpensiveWall gains remote access to users’ phones and sends fraudulent premium SMS messages. The malware infiltrated Google Play and infected at least 50 apps, said Check Point’s mobile threat research team.
BlueBorne is a new attack vector that spreads through the air and can potentially infect all Bluetooth-enabled devices without an Internet connection. Security researchers said that it can affect over 5.3 billion devices, including Android, Windows, Linux and iOS.
Here’s how benchmarking can help organizations make more informed decisions around their security programs.
A new report from Avast says that cyberattacks on Android devices jumped 40% year-over-year in the second quarter and will continue to grow.
Super yachts are just like any other business and require the same security measures to keep them protected from cyber attacks. It seems there’s a growing threat to the super yachting industry: hacking.
Here’s an interesting effect of the devastating hurricane happening in the US. New data show that malware infections in the Houston area showed a 52.5 percent drop from the average on August 29th.
Google announced that Safe Browsing, one of its anti-malware efforts to keep users safe, has crossed the threshold to 3 billion devices.
This week we explored the topic of spam emails and tried to understand why these types of attacks still work and how to secure your email account. We approached this subject after recently witnessing a historic data dump in which more than 700 million email addresses (plus passwords) were exposed online.
One of the bigger stories this week was the announcement made by Equifax, one of the three major consumer credit reporting agencies, about a cyber attack where hackers might have gained access to company data and potentially compromised sensitive information for 143 million American consumers.
Here are some of the other cybersec stories of the week that you’ll find in our roundup:
New research from the SANS Institute revealed that frontline IT professionals think ransomware is the top overall threat to business data, with 78 percent of respondents reporting two or more threats occurring in the past 12 months.
The energy sector in Europe and North America has been targeted by a new wave of cyber attacks that could provide cyber criminals with the means to seriously disrupt affected operations.
Security researchers have discovered that digital assistants, including Alexa, Siri and Cortana, are vulnerable to hacking via ultrasonic commands, known as Dolphin Attacks.
Equifax, a major consumer credit reporting agency from the US, announced that hackers had gained access to the company’s data and might have compromised sensitive information for 143 million American consumers, including Social Security numbers and driver’s license numbers.
A recent Avast analysis on over 160 million mobile devices shows that mobile cybercrime is on the rise. Data announced revealed a 40% increase in cyber attacks on Android smartphones and tablets.
A Romanian worker’s “right to a private life” was breached when his employer accessed his work Yahoo Messenger account and read private messages sent there.
A new survey found that 81% of security professionals believe that the requirements to be a great security professional have changed, with many turning to staff without specific cyber-training.
A 13-year-old malware developer is using the same Skype ID for applying to jobs and advertising their Internet of Things (IoT) botnet.
Email scammers keep showing up again and again. This time, we have the 419 “Hitman deployed to kill you” missive doing the rounds. On a similar threatening note, victims get a DHS notification telling them to pay a $350 fee within 24 hours – or else.
Google has released its monthly security updates for its Android mobile OS, fixing over 80 vulnerabilities in the platform with two different packages.
This week we published a security alert that offers details about Locky ransomware making its appearance once again. In the newest spam run, the cyber criminals behind the most notorious ransomware strain currently on the market have decided to change tactics and to spoof Dropbox.
Security articles of the week (28 August – September 1st, 2017)
1. Hundreds of millions of private email addresses (and passwords) have been leaked on the Internet in the biggest data dump ever.
This is definitely the most important news of the week. Over 700 million email addresses (and their passwords) have been exposed in what is the biggest data dump ever.
In terms of cyber attacks, August was a relatively quiet month, compared to the previous one, but here’s a list of the cyber attacks and data breaches happening in August.
Mobile devices have become indispensable for most of us, and users rely on them on a daily basis, which makes these devices an easy target for cyber criminals. In this article, you can read about the biggest challenges in mobile security.
Google had to remove almost 300 Android apps from its Play Store, after finding out that some apps were being hijacked for DDoS attacks which infected almost 70,000 devices.
The price of the cryptocurrency hit a new record, jumping above $4,800 for the first time over the past few hours of trading.
Researchers have spotted a new spam campaign containing Locky ransomware that was sent out to more than 23 million emails in 24 hours.
According to the latest forecast from Gartner Inc, the worldwide information security industry will grow 7 percent to reach $86.4 billion (USD) in 2017, and will climb to $93 billion next year.
According to a new report, half of organizations are still failing to maintain PCI DSS (The Payment Card Industry Data Security Standard) compliance.
Why does old malware continue to prevail? Why does ransomware still threaten businesses and users alike? Experts believe it comes down to irregular patching, weak and out-of-date AV and legacy systems that can’t be protected or upgraded.
Google recently announced that its future certified devices will carry the Play Protect logo on their retail packaging, as a way to assure customers that the device they are about to invest in will give them the most secure experience possible.
This week, we published an update of our guide about the Data Protection Regulation. It includes lots of useful resources to help both companies and users better understand how this regulation works.
Our other article is a security alert providing details about an adware that is targeting Facebook users, with a malicious link spreading on Messenger.
Security articles of the week (21-25 August, 2017)
Cyber attacks on cloud services are growing fast. According to Microsoft’s Security and Intelligence report, the number of threats on cloud-based accounts has seen an increase of up to 300% over the past year.
Ukraine’s central bank sent a warning to state-owned and private banks across the country regarding a new malware campaign that is targeting financial services. It is said that the attack might reach the proportions of the Non-Petya ransomware attack.
Cybersecurity firm Upguard has discovered a data breach in which a US voting machine supplier exposed the personal information of more than 1.8 million voters in the state of Illinois.
Researchers have discovered two zero-day vulnerabilities in Foxit’s free PDF Reader, after the supplier revealed it has no plans to fix the security flaws.
Security researchers have identified a banking malware called BankBot hiding in Google Play Store. The malware can be found in two Android apps which can download suspicious programs without the user’s knowledge.
According to a recent Fortinet report, 90% of organizations have experienced cyber attacks during which intruders tried to exploit vulnerabilities that were three years or older.
LG has confirmed it had to shut down some parts of its network after WannaCry ransomware was found on its systems.
Cybersecurity professionals share their opinion on the security challenges that will be faced this year.
The Victorian government has just announced its cybersecurity strategy, aimed at building resilience against cyber threats and ensuring that government information, services, and infrastructure are protected and safe.
Why do some organizations find it so difficult to keep their systems up to date and what can they do to better protect themselves? Here are some useful answers in this Q&A we recommend reading.
This week, my colleague Ioana has explored the main reasons why ransomware is still such a major online threat, despite all the efforts being poured into containing it. Our other article dives into spoofing, and how malicious hackers use this method to break into users’ accounts and personal data.
Security articles of the week (7-11 August, 2017)
Poor HBO is still struggling to cope with the aftermath of its hacking after hackers continued to dump episodes and scripts. Another major interest point is the appearance of hard statistics that show how prevalent phishing is as a cybersecurity threat.
Cyberwar is still an emerging concept, but many experts are concerned that it is likely to be a significant component of any future conflicts. As well as troops using conventional weapons like guns and missiles, future battles will also be fought by hackers manipulating computer code.
In June, the mysterious group who for almost a year has been dumping hacking tools and exploits stolen from the NSA launched a subscription service that promised to provide new tools to subscribers every month.
This month’s Patch Tuesday update round from Microsoft fixed 48 vulnerabilities, but only two have been publicly disclosed prior to release, with none known to have been exploited in the wild thus far.
Organizations hit with malware during the second quarter had it delivered via phishing attacks in 67% of the cases, according to a Global Threat Intelligence Center (GTIC) report released today by NTT Security.
The hackers who’ve breached HBO and supposedly made off with 1.5TB of the company’s data have released a second data dump.
Scientists at the University of Washington in Seattle have successfully been able to code a malware program into a DNA sample and use it to hack into a computer that was studying it.
Hackers have flooded Android app stores, including the official Google Play store, with over 1,000 spyware apps, which have the capability to monitor almost every action on an infected device.
Get used to global malware campaigns like Petya and WannaCry, because Pandora’s Box has been opened and destructive cyberattacks like these are here to stay.
In July 2017, global spam rate reached the highest level registered since March 2015, fueled by the emergence of malware families attempting to self-spread via email, according to Symantec.
According to results of a new survey on today’s threat landscape, to be released by SANS Institute on Tuesday 15 August, both users and their endpoint devices are the primary target for cyber criminals in 21st century security battles.
This week, we’ve published an article about session hijacking, a dangerous hacking method that takes control of a user’s account as they are live and using it.
Security articles of the week (July 31st – August 4th, 2017)
The biggest story from the beginning of this week was the HBO hack that ended up with leaked scripts and even the 4th episode of the series. Later on, the story that captured all the headlines was the arrest of Marcus Hutchins, the cybersec researcher who stopped the WannaCry ransomware.
Here are some of the other cybersec stories of the week that you’ll find in our roundup:
HBO has become hackers’ latest entertainment industry target: attackers have breached the company’s servers, and they claim to have syphoned from them 1.5 terabytes of data.
By removing the rubber base at the bottom of the Echo, the research team was able to access the 18 debug pads and directly boot into the firmware of the device, via an external SD card, and install persistent malware without leaving any physical evidence of tampering. Doing this gave them remote root shell access and enabled them to access the ‘always listening’ microphones.
Some 175,000 Internet of Things (IoT) connected security cameras are vulnerable to hacks that would allow cybercriminals to enter a user’s network, spy on the owner, or become part of a malicious botnet, according to a new report from security provider Bitdefender.
Long-lasting DDoS attacks are back, and they’re harder than ever, new research has claimed.
According to a report from Kaspersky Lab, the second three months of 2017 saw a DDoS attack last more than 11 days – 277 hours straight.
In a recent survey of 500 IT decision makers from security firm OneLogin, only about half of respondents said they were “very confident” that former employees could no longer access corporate applications. And 20% of organizations surveyed said they had experienced data breaches by ex-employees.
In a stunning move, federal authorities have arrested Marcus Hutchins, a researcher who earlier this year was credited with stopping the rapidly expanding WannaCry ransomware attack that spanned 150 countries in a matter of days.
The chap behind Chrome Web Developer, a popular third-party extension that was briefly hijacked to inject ads into browsers, today confirmed he was the victim of a phishing attack.
As law enforcement agencies continue to be on the hunt for the group behind WannaCry, the ransomware authors have just withdrawn a handsome $140,000 in cryptocurrency from their Bitcoin wallets.
One of the worst types of ransomware has become even nastier, adding the ability to steal Bitcoin wallets and password information from you in addition to encrypting your files and demanding a ransom payment in order to get them back.
A majority of information security professionals believe that artificial intelligence (AI) technology will be used in attacks against them in the next 12 months, according to new research from Cylance.
This week, we’ve explored a less talked about topic in the cybersecurity arena: biometric security. In it, we’ve gone over how the most popular methods of biometric authentication work, their advantages and disadvantages and also how these measures can be hacked.
Security articles of the week (July 24-28, 2017)
One of the bigger stories this week was Adobe’s decision to finally pull the trigger and kill Flash. However, the squeezing is going to take quite a while. This week stood out for how many threats were discovered that targeted smartphones, iOS and Android alike.
In any case, here’s what you’ll find in this week’s cybersecurity roundup:
Here’s one of the most unconventional: a fish tank. Not just an ordinary fish tank, mind you, but a fairly high-tech one that featured Internet connectivity. That connection allowed the tank to be remotely monitored, automatically adjust temperature and salinity, and automate feedings.
Digital currencies have emerged as a favourite tool for hackers and cyber criminals, as digital currency transactions are nearly anonymous, allowing cyber criminals to use it in underground markets for illegal trading, and to receive thousands of dollars in ransomware attacks—WannaCry, Petya, LeakerLocker, Locky and Cerber to name a few.
In a statement, Adobe confirmed the news, saying it will slowly phase out the plugin by the end of 2020. After that time, Flash will no longer receive updates. Until that happens, though, Adobe’s partnership with Apple, Mozilla, Microsoft and Google will continue as the company provides additional security updates for browsers.
In a report conducted by Osterman Research and sponsored by Malwarebytes, more than 1,000 small and medium-sized businesses were surveyed in June 2017 about ransomware and other critical security issues. What we discovered was surprising—ransomware authors aren’t only targeting enterprise businesses for big payouts. They’ve got their greedy gaze on businesses of all sizes.
iRobot, maker of the cat chariot-cum-auto-vacuum Roomba robot, is looking into selling maps of our homes to one of the Big Three companies behind artificially intelligent (AI) voice assistants – Google, Amazon and/or Apple.
On Wednesday, an anonymous hacker (or hackers) stole $32 million worth of ethereum’s cryptocurrency, ether, from three multi-signature wallets thanks to a vulnerability in the contract for the wallets.
Italian global banking and financial services company UniCredit has revealed that it has suffered two security breaches in less than a year.
In a slowly-unfolding scandal in Sweden, it’s emerged that the country’s transport agency bungled an outsourcing deal with IBM, putting both individuals and national security at risk.
The recently discovered Fruitfly malware is a stealthy but highly-invasive malware for Macs that went undetected for years. The controller of the malware has the capability to remotely take complete control of an infected computer — files, webcam, screen, and keyboard and mouse.
Android and iOS have already issued patches for a bug that could result in the spread of unstoppable malware.
A bug in an obscure chip found in the world’s most popular smartphones could result in the unstoppable spread of malware from device to device.
This week, we’ve updated and republished two of our most important articles, one of which covers the most important warning signs of a malware infection, while the other goes over 50+ cybersecurity tools that might improve your online safety.
We’ve also published a new article about DDoS attacks and the methods malicious hackers use to execute them.
Security articles of the week (July 17-21, 2017)
A quiet week in cybersecurity, without any particularly big hacks. It’s the middle of summer, so all of the malicious hackers out there are probably on holiday or something. Or preparing their next big Mirai or WannaCry. But hopefully they are on a permanent vacation.
In any case, here are this week’s top cybersecurity stories:
If you are one of the almost half a billion people who at some point used to be on Myspace, the hottest social network of the early 2000s, you should know that almost anyone can hack into your account.
“AI is a fundamental, existential risk for human civilization,” Tesla and Space X CEO Elon Musk said at the National Governors Association summer meeting. He doesn’t think people “fully appreciate that.” AI and a possible robot apocalypse is just one topic covered by Musk, and we’ll get back to that; but since a Tesla is “like a laptop on wheels,” Musk also talked about his top cybersecurity concern: a fleet-wide hack of Teslas.
An Internet of Things-based ‘smart’ alarm dubbed iSmartAlarm has several vulnerabilities that could help criminals to set up a cyber-assisted burglary.
Confectionery giant Mondelez, the maker of Oreo cookies and Cadbury chocolates, found its offices as far away as Tasmania had fallen foul of NotPetya/GoldenEye, forcing production to halt.
A new survey of over 1,000 US adults reveals that 81 percent of people surveyed admit to using the same password for more than one account.
Among millennials, 92 percent say they use the same password across multiple accounts. More worrying still, more than a third (36 percent) report that they use the same password for 25 percent or more of their online accounts.
Ransomware crooks have become skilled psychological manipulators in their attempts to fleece victims of file-encrypting malware.
Analysis of the psychology behind ransomware “splash screens”, the initial warning screens of ransomware attacks, commissioned by SentinelOne, reveals how social engineering tactics are used by cyber criminals to manipulate and elicit payments from individuals.
A massive botnet that remained under the radar for the past five years managed to infect around half a million computers and allows operators to “execute anything on the infected host,” ESET researchers warn.
Dubbed Stantinko, the botnet has powered a massive adware campaign active since 2012, mainly targeting Russia and Ukraine, but remained hidden courtesy of code encryption and the ability to rapidly adapt to avoid detection by anti-malware solutions.
In March, the source code for a new banking Trojan, dubbed Nuclear Bot (Nukebot), was available for sale in the cyber criminal underground. The Nuclear Bot banking Trojan first appeared in the cybercrime forums in early December when it was offered for $2,500. The malicious code implements some features commonly seen in banking Trojans: it is able to inject code in Mozilla Firefox, Internet Explorer and Google Chrome browsers and steal sensitive data provided by the users.
How secure is your smartphone? Do you know what you can do to help the hackers who increasingly see it as a desired and lucrative target?
Fortinet’s Threat Landscape Report found that mobile malware as a percent of total malware rose from 1.7% in the last quarter of 2016 to 8.7% in the first quarter of 2017.
New IOActive research exposes critical security vulnerabilities found in the Segway miniPRO electric scooter.
If exploited, an attacker could bypass safety systems and remotely take control of the device, including changing settings, pace, direction, or even disabling the motor and bringing it to an abrupt and unexpected stop while a rider is in motion.
This week, we’ve published an article covering the best practices in maintaining an organization’s data integrity, and also an analysis of all the critical vulnerabilities found in Windows that make it vulnerable to a new wave of cyber attacks.
Security articles of the week (July 10 – 14, 2017)
Possibly the biggest story of the week was the Verizon leak that exposed data on millions of its customers. Other stories of interest include the new Apple Mac money stealing malware and the Android HighRise malware that the CIA used to intercept SMS messages.
An Israeli technology company has exposed millions of Verizon customer records, ZDNet has learned.
As many as 14 million records of subscribers who called the phone giant’s customer services in the past six months were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems, a Ra’anana, Israel-based company.
A US payment kiosk vendor has been stung by malware scum.
Avanti Markets helps employers monetise the lunch-room and get rid of counter-service, going beyond a simple vending machine to cover the whole sandwiches-fruit-drinks-junk-food with one payment system.
WikiLeaks on Thursday published a user guide describing what appears to be a tool used by the U.S. Central Intelligence Agency (CIA) to intercept SMS messages on Android mobile devices.
Named HighRise, the version of the malware described in the WikiLeaks document is disguised as an app called TideCheck, and it only works on Android versions between 4.0 and 4.3.
Users who have Particle For YouTube extension installed on their browsers should consider removing it as soon as possible. The original developer of the extension sold the extension to a new developer, which turns out to be a collector of abandoned Chrome extensions.
Social media giants like Facebook and WhatsApp will be compelled to share encrypted messages of suspected terrorists and other criminals with Australian police under new laws unveiled Friday.
Modern technology is a terrific thing; however, like everything else in this world, it is not ideal.
Everything that is connected to the Internet, directly or with the help of some wireless technology, is “at risk”. From cars and houses to medical devices and ATMs, these are 11 crucial things in our lives that could be hacked.
A purveyor of static code analysis wished to pitch his product to Samsung. What better way, he thought, than to run his product against the Samsung Tizen operating system, and demonstrate the results. The demonstration fell through, and the purveyor decided instead to publish his findings.
A recently discovered strain of Apple Mac malware has begun mimicking major banking websites in an effort to steal credentials from victims.
First uncovered in May, OSX.Dok affected all versions of Apple’s older OS X operating system and was initially used to spy on victims’ web traffic.
Windows 10 users will finally be allowed to reset their account passwords from the lock screen, with Microsoft currently testing a feature that would enable password recovery with help from digital assistant Cortana.
Cyberespionage conjures up nightmare scenarios for private and public organizations. For governments, it might involve the prospect of foreign agents filching details on a new missile system. For an auto company, it could be hackers stealing their blueprints for a next-generation auto.
This week, we’ve published an article detailing how malicious insider threats operate, and how they can seriously mess up a company’s security. In short, these are employees that hack or sabotage their own company, either for profit or simply vengeance. We recommend you check out the whole article, for all of the stories that we’ve included.
Security articles of the week (July 3-7, 2017)
Last week’s Petya/NotPetya attack again left us wondering just how much worse cyber attacks are going to be. Within a year, we’ve had the Mirai attack, WannaCry and now Petya. Judging from the state of cybersecurity, these attacks aren’t going to stop anytime soon. Fortunately for those affected by Petya, a decryption key was made public by its author.
In any case, here are this week’s top cybersecurity articles:
Google on Wednesday announced that a total of 138 vulnerabilities were addressed in the Android platform with the release of this month’s set of security patches.
The July 2017 Android Security Bulletin was split in two partial security patch level strings: the 2017-07-01 security patch level that addresses issues in the platform itself, and the 2017-07-05 security patch level, which resolves device-specific vulnerabilities in various components supplied by manufacturers.
Don’t panic, but attackers are trying to phish their way into machines in various US power facilities, including nuclear power station operators.
It seems that so far whoever is behind the campaign has tried phishing and watering-hole attacks, but hasn’t got beyond corporate networks (which in critical infrastructure should be on separate networks from the operational systems).
The iPhone’s security is so tight that it’s hard to find any flaws at all, which leads to sky-high prices for bugs on the grey market. Researchers I spoke to are reluctant to report bugs both because they are so valuable and because reporting some bugs may actually prevent them from doing more research.
Android users have once again been exposed to malware, as security company Check Point detected a new form of CopyCat that hit no less than 14 million devices across the world.
Janus Cybercrime Solutions has provided a key that works with all “official” variants of Petya (meaning NotPetya is not included). The key was released to — of all places — Mega, and its authenticity has been verified. While Petya has already been cracked, the key offers the fastest and most reliable decryption method yet.
Satellite phone communications encrypted with the GMR-2 cipher can be decrypted in mere fractions of a second, two Chinese researchers have proved.
One of the world’s largest cryptocurrency exchanges has fallen victim to hackers, who were able to use information they stole to plunder users’ accounts.
According to local media reports, Bithumb informed the Korea Internet & Security Agency (KISA) late last week that the personal information on approximately 32,000 customers was compromised – although passwords were not taken.
For many, everyday life involves sitting in front of a computer typing endless emails, presentation documents and reports. Then there’s the frequent typing of passwords just to get access to those files. But beware: researchers have hacked together a tool that can harvest what’s being typed simply by listening to the sounds of the keys.
Microsoft says the outbreak of NotPetya – aka SortaPetya, Petna, ExPetr, GoldenEye, Nyetya and Diskcoder.C – that began June 27 resulted in “a less widespread attack” than WannaCry, aka WannaCrypt. That was despite NotPetya being even more sophisticated than WannaCry – by many security experts’ reckoning – as well as NotPetya targeting the same EternalBlue server message block exploit in Windows that had enabled WannaCry to spread far and fast.
Flaws in pre-installed software expose Dell systems to attacks that could result in the disabling of security mechanisms, privilege escalation, and arbitrary code execution within the context of the application user.