News – January 2018


  • Cryptocurrency Mining Malware Infected Over Half-Million PCs Using NSA Exploit

    January 31, 2018

    2017 was the year of high profile data breaches and ransomware attacks, but from the beginning of this year, we are noticing a faster-paced shift in the cyber threat landscape, as cryptocurrency-related malware is becoming a popular and profitable choice of cyber criminals. Several cybersecurity firms are reporting of new cryptocurrency mining viruses that are being ...

  • Alphabet unveils cybersecurity company, Chronicle

    January 31, 2018

    Chronicle aims to leverage machine learning to advance threat detection, the cybersecurity company touted. It will help companies use their information to improve security by allowing them to run analysis faster and giving them the ability to store large amounts of data to help them recognize patterns. “We want to 10x the speed and impact of security teams’ ...

  • Utilities ill-equipped to face increasingly disparate cybersecurity threat

    January 31, 2018

    All utilities organizations surveyed in the latest EY Power and Utilities Global Information Security Survey 2017-18 (GISS): Why wait for a cyber catastrophe to prepare for a cyber attack?, say that their cybersecurity function does not meet their needs. The survey also finds that 58% of sector respondents anticipate difficulties in monitoring the perimeter of their ...

  • Israel accounts for 16 percent of global cybersecurity investment, second only to U.S.

    January 31, 2018

    Israel’s cybersecurity industry raised $814.5 million in venture capital and private equity investment in 2017, a 28 percent rise over 2016 that brings the country to second only to the United States, according to research by Start-Up Nation Central. Israeli cybersecurity companies, centered in Tel Aviv, account for 16 percent of industry investment overall as of 2017. In 2014, ...

  • UK keeps up its legal losing streak over mass surveillance

    January 30, 2018

    Yet another defeat in the courts for the UK government’s use of mass surveillance as an indiscriminate and, as it frequently turns out, unlawful investigatory tool. Today the UK’s Court of Appeal handed down its ruling in a long running challenge to the 2014 Data Retention and Investigatory Powers Act (DRIPA) — judging that the regime’s bulk collection ...

  • Cisco Patches Critical VPN Vulnerability

    January 30, 2018

    Cisco Systems released a patch Monday to fix a critical security vulnerability in its Secure Sockets Layer VPN solution called Adaptive Security Appliance. The vulnerability, according to a Cisco Security Advisory, could allow an unauthenticated and remote attacker to execute remote code on affected devices. The vulnerability impacts nearly a dozen Cisco products ranging from 3000 Series ...

  • Digital Extortion: A Forward-looking View

    January 30, 2018

    In 2017, we saw digital extortion increasingly become cybercriminals’ first and foremost money-making modus operandi. It’s mostly due to ransomware — cybercriminals’ currently most popular weapon of choice, helping them in extorting cash from users all over the world and in hitting big businesses and organizations. By infecting business-critical systems through their shotgun-style ransomware attacks and ...

  • DoD Studying Implications of Wearable Devices Giving Too Much Info

    January 30, 2018

    Defense Department officials are studying security issues raised by physical conditioning trackers that also can be used to track service members’ whereabouts, a Pentagon spokesman told reporters today. The concern comes from a “heat map” posted by Strava — the makers of a fitness tracking application that shows the routes service members run or cycle in ...

  • Ploutus.D Malware Variant Used in U.S.-based ATM Jackpotting Attacks

    January 29, 2018

    The United States Secret Service issued a warning on Friday to financial institutions citing “credible information” about “planned” attacks against U.S. cash machines using malware that can quickly drain ATM machines dry of cash. The warning came a day after ATM maker Diebold Nixdorf also warned its customers of “potential”  ATM Jackpotting attacks moving from Mexico to the U.S. But journalist Brian ...

  • Security & Counter Terror Expo 2018: bringing together the international community to enhance global security

    January 29, 2018

    The threat of terrorism continues to have far reaching effects on every day life with a total of 25 terrorist attacks taking place across Europe in 2017. As risk from lone-wolf attacks and sophisticated ransomware increases, security professionals are faced with a growing challenge to evolve and stay one step ahead by investing in new ...

  • Undetectable CrossRAT malware targets Windows, MacOS, and Linux systems

    January 28, 2018

    Are you using Linux or Mac OS? If you think your system is not prone to viruses, then you should read this. Wide-range of cybercriminals are now using a new piece of ‘undetectable’ spying malware that targets Windows, macOS, Solaris and Linux systems. Just last week we published a detailed article on the report from EFF/Lookout that revealed a ...

  • Ransomware: Is time running out for the biggest menace on the web?

    January 26, 2018

    Ransomware attacks like WannaCry and Petya caused major chaos last year, while the likes of Locky and Cerber were less high-profile, but still managed to generate large amounts of income for their criminal creators. 2017 was the year of ransomware, but it could be that the file-encrypting malware has already reached its peak, as an analysis of cybercriminal campaigns appears to show that malicious ...

  • GDPR: Deadline looms but businesses still aren’t ready

    January 25, 2018

    Under half of businesses are aware of upcoming data protection laws they’ll be subject to in just four months’ time — or what the new legislation means for how information security is handled. A lack of awareness about the forthcoming introduction of General Data Protection Regulation (GDPR) — a new set of rules from the European Union which ...

  • IT ‘heroes’ saved Maersk from NotPetya with ten-day reinstallation bliz

    January 25, 2018

    4,000 servers, 45,000 PCs and 2,500 apps all rebuilt, while other staff went manual It’s long been known that shipping giant Maersk suffered very badly from 2017’s NotPetya malware outbreak. Now the company’s chair has detailed just how many systems went down: basically all of them. Speaking on a panel at the World Economic Forum this week, Møller-Maersk ...

  • Electron critical vulnerability strikes app developers

    January 24, 2018

    A critical vulnerability affecting Electron desktop apps has been disclosed. Electron is a node.js, V8, and Chromium framework created for the development of cross-platform desktop apps with JavaScript, HTML, and CSS. Compatible with Mac, Linux, and Windows operating systems, the recently-discovered bug impacts Windows alone. The critical vulnerability affects Electron apps which use custom protocol handlers. Assigned the identifier CVE-2018-1000006, the vulnerability ...

  • Analysts: U.S. nuclear modernization plan under-invests in cybersecurity

    January 23, 2018

    The nuclear posture review specifically mentions “expanding threats in space and cyberspace.” Since a leaked draft of the Defense Department’s nuclear posture review was revealed by the Huffington Post, analysts and arms control experts have sounded alarms about language in the document that suggests the Trump administration would broaden the scenarios where it would be acceptable ...

  • Satori Author Linked to New Mirai Variant Masuta

    January 23, 2018

    Researchers at NewSky Security say the hacker behind a Mirai malware variant called Satori, also known as Mirai Okiru, is the same hacker behind two new Mirai variants called Masuta and PureMasuta. Based on source code for Masuta malware recently found on the dark web, researchers at NewSky Security said they were able to connect the ...

  • Nearly Half of the Norway Population Exposed in HealthCare Data Breach

    January 21, 2018

    Cybercriminals have stolen a massive trove of Norway’s healthcare data in a recent data breach, which likely impacts more than half of the nation’s population. An unknown hacker or group of hackers managed to breach the systems of Health South-East Regional Health Authority (RHF) and reportedly stolen personal info and health records of some 2.9 million ...

  • Behavioral biometrics missing from cybersecurity

    January 20, 2018

    Recently, there’s been an uptick in the adoption of the NIST Cybersecurity Framework, a set of guidelines aimed at helping organizations improve their overall cybersecurity process. In December 2017, NIST released the second draft of its framework. Among the updates were two critical additions to the Identity Management, Authentication and Access Control guidance. These updates address the disturbing ...

  • British 15-year-old gained access to intelligence operations in Afghanistan and Iran by pretending to be head of CIA, court hears

    January 19, 2018

    A 15-year-old gained access to plans for intelligence operations in Afghanistan and Iran by pretending to be the head of the CIA to gain access to his computers, a court has heard. From the bedroom of the Leicestershire home he shared with his mother, Kane Gamble used “social engineering” – where a person builds up a ...