News – January 2017

Police Arrested Suspected Hacker Who Hacked the ‘Hacking Team’
January 31, 2017
In 2015, a hacker named Phineas Fisher hacked Hacking Team and exposed some 500 gigabytes of internal data for anyone to download.

Why Cybersecurity Should Be The CFO’s Job
January 31, 2017
The sheer pervasiveness of these risks, matched with the evolution into far more complex attacks, means the C-Suite has to get serious about managing cybersecurity.

Trump expected to sign cyber security executive order Tuesday
January 30, 2017
President Donald Trump is expected to sign an executive order on cyber security on Tuesday, marking the first action to address what he has called a top priority of his administration.

Europol and Global Cyber Alliance team up to fight cyber-crime
January 30, 2017
Europol and the Global Cyber Alliance have signed a Memorandum of Understanding to cooperate on decreasing systemic cyber-risk and improving internet security throughout Europe and beyond.

Dridex Is Back, Uses New Windows UAC Bypass Method
January 30, 2017
Banking malware Dridex is back and it’s worse, targeting British financial institutions with a new technique that has the capability of bypassing Windows User Account Control.

UK Cybersecurity: Permanent job salaries growing faster than contractor pay rises
January 30, 2017
Demand for cyber security skills in the UK means that salaries for full time IT security jobs are increasing faster than contractor rates, according to a new survey.

Ransomware Took Down Washington DC CCTV Days Before Trump’s Inauguration
January 30, 2017
Just days before the inauguration of President Trump, the storage devices recording data from the D.C. Police surveillance cameras were infected by hackers.

Three Quarters of IT Applications Cannot Tolerate a Typical Unplanned Downtime Incident, According to New Research from Stratus Technologies
January 30, 2017
IT Decision Makers Looking to Fault Tolerant Solutions to Avoid Millions of Dollars in Losses Due to Unplanned Downtime

How CXOs should plan their approach to IoT
January 27, 2017
Just as it was with virtualization and cloud computing, moving into an Internet of Things (IoT) project can unleash a barrage of questions aimed at C-level executives from their board members.

Second FSB Agent Arrested for Treason Revealed as Notorious Hacker
January 27, 2017
Major Dmitry Dokuchaev, one of four cyber-security experts arrested by the Kremlin on charges of treason, has allegedly been revealed as an infamous Russian hacker.

UK spy agency hires Indian startup for cybersecurity programme
January 27, 2017
GCHQ chose Pune-based cyber security startup Spherical Defence for their accelerator programme.

Trump order strips privacy rights from non-U.S. citizens, could nix EU-US data flows
January 26, 2017
An Executive Order signed by U.S. President Donald Trump in his first few days in office could jeopardize a six-month-old data transfer framework that enables EU citizens’ personal data to flow to the U.S. for processing

Four-star Alpine hotel fell victim to blackmailers who hacked into their electronic keycard system
January 26, 2017
One of Europe’s most luxurious hotels has admitted paying 1,500 euros to cyber blackmailers who hacked into their electronic key system and locked scores of guests in their rooms.

Last Year’s Data Breaches Exposed 4.2 Billion Records, Most from America
January 26, 2017
The United States was the main target of hacker attacks last year, resulting in a record number of data breaches.

New Trojan Turns Thousands Of Linux Devices Into Proxy Servers
January 25, 2017
A new Trojan has been discovered in the wild that turns Linux-based devices into proxy servers, which attackers use to protect their identity while launching cyber attacks from the hijacked systems.

Apple iPhone 7 is being hardened to handle military-grade secrets
January 25, 2017
The iPhone 7 is being turned into a phone capable of safeguarding military-level secrets for the UK armed forces.

AlphaBay Dark Web Marketplace Hacked; Exposes Over 200,000 Private Messages
January 24, 2017
AlphaBay has paid a hacker after he successfully exploited vulnerabilities in the internal mailing system of the website and hijacked over 200,000 private unencrypted messages from several users.

China makes VPNs illegal to tighten its Great Firewall
January 23, 2017
The new rules make it illegal to use or operate a local VPN service without government approval, and require all VPNs and leased cable lines operating in China have a license from the government.

Lloyds Bank Hit with DDoS Attack for Three Days Straight, Reasons Yet Unknown
January 23, 2017
Lloyds Bank was hit with a DDoS attack for three days straight as hackers tried to crash the website, managing to cause intermittent outages for customers on the personal banking websites.

Greenbug cyberespionage group targeting Middle East, possible links to Shamoon
January 23, 2017
Greenbug may answer the question of how Shamoon obtains the stolen credentials needed to carry out its disk-wiping attacks.

GCHQ chief Robert Hannigan quits
January 23, 2017
The director of GCHQ, Robert Hannigan, has decided to step down early for what he described as personal reasons, the intelligence agency has announced.

IBM acquiring Agile 3 Solutions to give execs visibility into security risks
January 23, 2017
IBM Security announced that it has purchased Agile 3 Solutions, a San Francisco-based company that has developed a security analytics dashboard aimed at helping executives understand cyber-security risks inside an organization.

Yahoo Under SEC Investigation for Taking too Long to Reveal Data Breaches
January 23, 2017
Yahoo is in big trouble with US authorities due to how it handled the massive data breaches it disclosed last year, more specifically its failure to inform investors of the issues at an earlier time.

Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug
January 22, 2017
It was one of the biggest flaws in the Internet’s history that affected the core security of as many as two-thirds of the world’s servers i.e. half a million servers at the time of its discovery in April 2014.

How A Bug Hunter Forced Apple to Completely Remove A Newly Launched Feature
January 20, 2017
Recently Apple released a new Feature for iPhone and iPad users, but it was so buggy that the company had no option other than rolling back the feature completely.

NATO Says Hackers Attack the Alliance 500 Times Each Month
January 19, 2017
NATO has become a target for more hackers worldwide, a spokesperson for the military alliance said this week, revealing that an average of 500 attacks are recorded every month.

Billion-Dollar Hacker Gang Now Using Google Services to Control Its Banking Malware
January 19, 2017
Carbanak – One of the most successful cybercriminal gangs ever that’s known for the theft of one billion dollars from over 100 banks across 30 countries back in 2015, is back with a bang!

Giuliani and top Trump White House officials hacked, passwords leaked
January 19, 2017
The Trump Presidency’s new cyber tsar, former New York Mayor Rudy Giuliani has had his passwords leaked online along with a whole host of top officials

Hacking the Army
January 19, 2017
Amid fears about political hacking, the Army needs hackers more than ever

Mirai botnet creator unmasked as DDOS protection developer tempted by the dark side
January 18, 2017
The botnet that subverted thousands of poorly secured internet of things devices and set them to work on denial of service attacks, has been revealed to be the creation of a young developer who found that the black hat fit better than the white.

Old-School DDoS Attack on White House Site Planned on Trump’s Inauguration Day
January 18, 2017
A new online campaign that’s making the rounds these days calls for users to “occupy on inauguration day” as a form of protest against Donald Trump’s presidency.

Router Vulnerabilities Disclosed in July Remain Unpatched
January 17, 2017
Security researcher found accessible admin accounts and command injection vulnerabilities in ZyXel and Billion routers distributed by Thailand’s largest broadband company.

White House Approves New Rules for Sharing of Raw Intelligence Data
January 16, 2017
An unclassified document released by the Office of the Director of National Intelligence spells out how the NSA, under Executive Order 12333, can share unsantitized raw data with any of the 16 other IC agencies.

Court Documents Reveal How Feds Spied On Connected Cars For 15 Years
January 16, 2017
Connected devices can be turned against us because we are giving companies, hackers, and law enforcement a large number of entry points to break into our network.

Former head of the Met’s Counter Terrorism Command joins Security & Counter Terror Expo team
January 16, 2017
Richard Walton, the former Commander of Counter Terrorism Command (SO15) for the Metropolitan Police Service has joined the Security & Counter Terror Expo team as a special advisor.

Countering Global Threats: Security & Counter Terror Expo returns to London in May bringing security professionals from across the world to the UK
January 16, 2017
Following the Bastille Day attack in Nice and the series of bomb attacks in New York and New Jersey, national security remains in the spotlight.

 Secret details emerge on Iran’s Cyber Army
January 15, 2017
A report by Al Arabiya has revealed the secrets of the Iranian electronic army and its intelligence and cyber activities against states and institutions.

Smaller firms set to ‘face £52bn in fines’ for security breaches as cyber-crime skyrockets
January 14, 2017
Small businesses are the victims of more than seven million cyber crimes a year, costing the sector £5.26 billion.

Detroit Car Makers Allegedly Hacked, Names and Social Security Numbers Stolen
January 13, 2017
Detroit’s Big Three automakers are the latest big companies to become victims of hackers, with a new report now claiming that employees’ names and social security numbers might have been exposed during a breach.

Hackers Hacked Phone Hacking Company
January 13, 2017
Cellebrite got hacked, and attackers managed to steal 900 gigabytes of data.

What’s Up With the WhatsApp ‘Backdoor’ Story? Feature or Bug!
January 13, 2017
Security researcher suggests WhatsApp has a backdoor that “could allow” an attacker, and of course the company itself, to intercept your encrypted communication.

When Cybersecurity Meets Physical Security
January 13, 2017
The landscape of cyberwarfare is rapidly changing, with a growing emphasis on the targeting and disruption of physical civilian critical infrastructure like the power grid.

Rudy Giuliani to lead Trump’s cybersecurity team
January 12, 2017
President-elect Donald Trump has picked former New York City Mayor Rudy Giuliani to form a team of private sector cybersecurity experts.

‘We need to know how a malicious hacker will break into our network to understand how to defend it’
January 12, 2017
It has been over 11 years since Abertay introduced the UK’s first BSc Ethical Hacking degree, followed by the MSc for graduates with a computing background.

Hedge funds to invest more in technology and cyber defence
January 12, 2017
Investments by hedge funds into technology advancement is set to increase in the coming five years, as more executives within the industry become concerned about the impact of technology on their competitiveness.

Stolen NSA “Windows Hacking Tools” Now Up For Sale!
January 10, 2017
The Shadow Brokers who previously stole and leaked a portion of the NSA hacking tools and exploits is back with a Bang!

Netflix Users Under Attack As Hackers Try to Steal Credit Card Info
January 10, 2017
A new wave of attacks aimed at Netflix users with cybercriminals now turning to phishing schemes in order to steal their personal information, including credit card data, social security numbers, and other details.

Adobe patches critical flaws in Flash Player, Reader and Acrobat
January 10, 2017
Adobe Systems released security updates for its Flash Player, Adobe Reader and Acrobat products fixing critical vulnerabilities that could allow attackers to install malware on computers.

Airport boarding gate display leaks booking codes, puts passenger data at risk
January 10, 2017
Attackers could gain full control over passenger bookings, cancel flights, and steal sensitive information with leaked booking codes.

Microsoft, Qualcomm back Israel’s Team8 cybersecurity firm
January 9, 2017
The venture arms of Microsoft and Qualcomm have invested in Team8, as big multinational companies get behind Israel’s burgeoning cyber industry in the face of growing threats.

UK to review its cybersecurity after US election hacks
January 9, 2017
Two days after US intelligence agencies detail how Russian hacks interfered with the 2016 election, the UK announces an inquiry into its own online security.

France thwarts 24,000 cyber-attacks against defence targets
January 7, 2017
France says it was the subject of 24,000 cyber-attacks against defence targets last year.

KillDisk System Destructive Malware Now Targeting Linux
January 6, 2017
KillDisk is one of the pieces of malware that made the news several times in 2016, mostly because it was used for compromising several high-profile targets, including utility companies in Ukraine.

U.S. Grid in ‘Imminent Danger’ From Cyber-Attack, Study Says
January 6, 2017
The U.S. Energy Department says the electricity system “faces imminent danger” from cyber-attacks, but grid operators say they are already on top of the problem.

National Guard expects expanded role in cybersecurity
January 6, 2017
This expansion comes as multiple government reports have looked to the National Guard as a resource for states and localities to lean on as cyber threats continue to multiply.

11 Gigabytes of Sensitive Data Belonging to US DoD Staff Exposed
January 5, 2017
Personal details of doctors who are deployed in the United States Special Operations Command (USSOCOM or SOCOM) have been exposed due to a security vulnerability.

Hacker claims to have hacked the FBI, but it wasn’t
January 5, 2017
A hacker yesterday claimed to have hacked the FBI’s website running on Plone CMS, but it seems it wasn’t hacked using any zero-day vulnerability in Plone.

HTTPS scanning in Kaspersky antivirus exposed users to MITM attacks
January 4, 2017
Security vendor Kaspersky Lab has updated its antivirus products to fix an issue that exposed users to traffic interception attacks.

Cyber security chief honoured for taming hi-tech threats
January 4, 2017
Group captain Andrew Gudgeon, who works at Nationwide, was awarded an OBE for his work strengthening and protecting the UK and US’s cyber security,

Army social media psyops bods struggling to attract fresh blood
January 3, 2017
Army social media psyops unit 77 Brigade is struggling to reel in new government cyber-warriors in spite of a recruitment publicity blitz last year, according to the Ministry of Defence.

Czechs build new cyber-security HQ
January 3, 2017
A ten-fold increase in staffing is planned for the Czech National Cyber-Security Centre (NCSC) according to recently announced government plans.

Cyber Security Statistics – Numbers Small Businesses Need to Know
January 3, 2017
Cyber security statistics for small businesses collected from a variety of sources.