News – February 2016

Largely undetected Mac malware suggests disgraced HackingTeam has returned
February 29, 2016
Until recently, sample wasn’t detected by any of the top antivirus programs.

Under Pressure, Cybersecurity Market Is Ripe for M&A in 2016
February 29, 2016
Cybersecurity, in recent years among the strongest segments of the tech sector, now is feeling the effects of the downturn.

Pentagon chief to appeal to Silicon Valley for help with cybersecurity
February 29, 2016
Defense Secretary Ashton Carter will visit a crucial front this week in the war the Pentagon considers its greatest potential threat: cyberspace.

Cybersecurity gets nearly billion-dollar increase in DoD FY 2017 budget request
February 28, 2016
Department of Defense officials are requesting $6.7 billion for cyber operations in the Fiscal Year (FY) 2017 base budget request.

Norway Makes It Official, Accuses China of Hacking and Stealing Military Secrets
February 27, 2016
A high-ranking general in the Norwegian Army and head of the Norwegian Intelligence Service E-tjenesten (Etterretningstjenesten) has made official statements accusing the Chinese government of launching cyber-attacks against his country.

Hackers did indeed cause Ukrainian power outage, US report concludes
February 27, 2016
DHS officials say well-coordinated hack cut power to 225,000 people.

European spy tech sold to ultra-secret branch of Egyptian government
February 25, 2016
PI report says the spying gear was sold to a regime with a history of human rights abuses.

Asus lawsuit puts entire industry on notice over shoddy router security
February 24, 2016
FTC takes aim at insecurity that’s rampant in the “Internet-of-things” industry.

NSA Data Center Experiencing 300 Million Hacking Attempts Per Day
February 22, 2016
Utah State computer systems are experiencing a massive cyber attack on up to 300 Million Hacking attempts per day due to National Security Agency’s (NSA) data center in the state.

Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
February 21, 2016
Are you also the one who downloaded Linux Mint on February 20th? You may have been Infected!

Cybersecurity experts warn that 75% of mobile apps are vulnerable to attack
February 20, 2016
Hackers are focusing more on mobile gadgets which contain browsing history, banking information, location history, text messages, photos and other personal information.

How Just Opening an MS Word Doc Can Hijack Every File On Your System
February 18, 2016
Hackers are believed to be carrying out social engineering hoaxes by adopting eye-catching subjects in the spam emails and compromised websites to lure the victims into installing a deadly ransomware.

Twitter admits to password recovery bug affecting thousands of its users
February 18, 2016
Micro-blabbing site applies fix, claims passwords are safe.

Dridex: Financial Trojan aggressively spread in millions of spam emails each day
February 18, 2016
Built to harvest the banking credentials of victims, the virulent Dridex is now one of the most dangerous pieces of financial malware in circulatio

Majority CEOs unwilling to share cybersecurity information with outsiders
February 17, 2016
Some 55 percent of CEOs acknowledge industry collaboration is necessary in fighting cybercrime, but only 32 percent are willing to share their company’s data on cybersecurity incidents with others.

Inside the FBI’s encryption battle with Apple
February 18, 2016
US government and Apple try to settle whether national security can dictate how Silicon Valley writes computer code.

Go full SHA-256 by June or get locked out
February 17, 2016
Online businesses in the UK will have to update their systems and adopt SHA-2 before June in order to avoid losing access to vital payment and money transfer services.

Linux apps can be hijacked by compromised DNS servers
February 16, 2016
A huge amount of Linux software can be hijacked by hackers from the other side of the internet, thanks to a serious vulnerability in the GNU C Library (glibc).

Hackers take hospital offline, demand $3.6m ransom
February 15, 2016
Hollywood Presbyterian Medical Center has been in a state of emergency after a malware attack shut down the network unless a ransom of $3.6 million was paid.

Metel malware pops bank, triggers 15 percent swing in Russian Ruble
February 15, 2016
ATM hacking tool used to place $500 million in orders

Fifth of GCHQ intelligence comes from hacking
February 12, 2016
The spy agency reveals scale of so-called equipment interference as it wins human rights challenge.

Police Arrest 16-year-old Boy Who Hacked CIA Director
February 12, 2016
The Federal Bureau of Investigation and British police reportedly have arrested a 16-year-old British teenager who they believe had allegedly leaked the personal details of tens of thousands of FBI agents and US Department of Homeland Security employees.

NIST Risk-Assessment Framework Shapes Federal Cybersecurity Strategy
February 12, 2016
The U.S. government is under pressure to improve cybersecurity and is meeting that challenge with a commitment to substantially enhance spending for protecting IT systems.

India signs cyber security & investments pacts with UAE
February 12, 2016
The agreements were signed by Sheikh Mohamed bin Zayed Al Nahyan, Crown Prince of Abu Dhabi and Deputy Commander of the UAE Armed Forces, and Indian Prime Minister Narendra Modi.

Google to Ban Flash-based Advertising
February 10, 2016
Google had also joined the path of Apple, Facebook, and Youtube to kill the “Adobe Flash Player” by announcing that the company is banning Flash banner support from its Adwords Advertising platform.

Windows 10 Sends Your Data 5500 Times Every Day Even After Tweaking Privacy Settings
February 10, 2016
Ever since the launch of Microsoft’s newest operating system, Windows 10 is believed to be spying on its users.

“Huge” number of Mac apps vulnerable to hijacking, and a fix is elusive
February 10, 2016
Apps that use 3rd-party updater over insecure HTTP channels subject to MiTM attacks.

Obama seeks big increase in cyber security funding
February 10, 2016
President Barack Obama asked for $19 billion for cyber security across the U.S. government, an increase of $5 billion over this year.

13th Annual CISO Europe Summit & Roundtable – full agenda announced
February 9, 2016
MIS Training Institute (MISTI) is delighted to announce dates for the 13th annual CISO Europe Summit & Roundtable. Europe’s favourite event for CISOs will reconvene on 11-13 May 2016 in Copenhagen at the Copenhagen Marriott Hotel.

Hackers are offering Apple employees up to €20,000 for their login details
February 9, 2016
Hackers are offering Apple employees thousands of euros for their company login details, according to someone that works for the company in Ireland.

White House Proposes New Cybersecurity Plan
February 9, 2016
Cybersecurity national action plan aims to strengthen computer networks against hacking; proposed budget increase faces obstacle in Congress

Java “RAT-as-a-Service” backdoor openly sold through website to scammers
February 8, 2016
The malware once known as AlienSpy is back in action after original domains shut down.

How Russian Hackers Spiked the Currency Exchange Rate
February 8, 2016
Russian hackers found a way to dramatically alter a currency exchange rate -in just 14 minutes.

Hacker Publishes Personal Info of 20,000 FBI Agents
February 8, 2016
The list includes names, email addresses (many of which are non-public) and job descriptions.

Clever bank hack allowed crooks to make unlimited ATM withdrawals
February 8, 2016
Banking malware is using techniques once reserved for state-sponsored hacking gangs.

Irish-backed cyber-security VC seeks up to 20 start-ups
February 7, 2016
The world’s biggest cyber-security VC fund has €320m to invest

Twitter Suspends 125,000 ‘Terrorism’ Accounts
February 6, 2016
Twitter has suspended more than 125,000 accounts for threatening or promoting terrorist acts – most related to Islamic State.

Ex-CEO On How His Silicon Valley Cybersecurity Firm Crashed
February 6, 2016
Norse Corp. which raised more than $40 million in VC funding – looked like it may be shutting down, according to a blog posted by Brian Krebsy.

Dridex malware exploit distributes antivirus installer—hack suspected
February 5, 2016
Cause is still unknown, but the chief theory is it’s the work of a whitehat hacker.

Vaizey launches cyber security learning tool for HR professionals
February 5, 2016
The government and the CIPD have launched a free e-learning module to help HR professionals protect sensitive HR data and educate the wider workforce about cyber security

Australian SMBs must comprehend cyber-security as much as finance
February 4, 2016
Australian companies are at risk of becoming “low-hanging fruit” for crooks.

Cybersecurity experts urge automakers to take steps to stop hackers
February 3, 2016
Connected cars can provide hackers with a large amount of personal data available to exploit.

DHS to Start Sharing Cybersecurity Threat Indicators With Industry
February 3, 2016
The U.S. Department of Homeland Security will take steps this month to begin automatically sharing cybersecurity threat information with private industry.

Crypto flaw was so glaring it may be intentional eavesdropping backdoor
February 3, 2016
Network tool contained hard-coded prime number that wasn’t prime after all.

TalkTalk loses 95,000 customers, £60 million in costs after hack attack
February 2, 2016
The budget ISP TalkTalk witnessed a huge customer exodus following a high-profile hack attack on its systems late last year.

Cybersecurity gap blocks Pentagon from a Lockheed F-35 database
February 1, 2016
The Pentagon hasn’t had updated information on maintenance of the F-35 jet since May because a Lockheed Martin Corp. database doesn’t meet new government cybersecurity requirements

Internet of things increasing the stakes in cybersecurity
February 1, 2016
The internet of things is expected to increase the stakes for securing cloud-based networks as the number of internet-connected devices continues to surge to greater than 30 billion by 2020.

Security breaches at MoD up 40% in 2015, says UK defence minister
February 1, 2016
Whitehall declines to reveal number of “cyber attacks” in response to MP’s question.