News – May 2016



Financial Advisors Face Cybersecurity Nightmare
May 31, 2016
SEC chief warns about mounting cybersecurity threats to the financial system.

Most Laptop Vendors Distribute Bloatware Full of Critical Security Bugs
May 31, 2016
This is why everyone calls laptop driver updaters: crapware.

Lloyds Bank Taunts Hackers by Saying Cyber-Attacks Are Down 90 Percent
May 30, 2016
There’s no better way to get DDoSed than by bragging about your super-awesome super-secret cyber-security system.

Stealth Falcon APT Targets UAE Journalists, Activists, and Dissidents
May 30, 2016
Experts believe the group has ties to the UAE government.

CERT Warns Companies About the “Unupgradeable” ESC 8832 SCADA System
May 30, 2016
Users should upgrade to a newer model or invest in firewalls.

Ancient Bayrob Backdoor Trojan Resurfaces After Nine Years with Updated Versions
May 30, 2016
Bayrob returns when we almost forgot about it.

OilRig Cyber-Espionage Campaign Targets Saudi Arabia’s Banks and Defense Sector
May 29, 2016
Threat group deploys new backdoor named Helminth.

New EU Cybersecurity Requirements Soon to Fall on “Essential Services” Operators
May 29, 2016
The Council of the European Union formally adopted the Network and Information Security (NIS) Directive at first reading, paving the way for its final adoption and entry into force in August 2016.

Cyber firms say Bangladesh hackers have attacked other Asian banks
May 27, 2016
Hackers who stole $81 million from Bangladesh’s central bank have been linked to an attack on a bank in the Philippines, in addition to the 2014 hack on Sony Pictures.

“Forbidden attack” makes dozens of HTTPS Visa sites vulnerable to tampering
May 26, 2016
Researchers say 70,000 servers belonging to others also at risk.

Anonymous Hackers Turned Stock Analysts Are Targeting US & Chinese Corporations
May 26, 2016
A relatively unknown division of the Anonymous hacker collective that goes by the name of Anonymous Analytics has been sabotaging companies on the stock market by revealing flaws in their financial statements.

Major DNS provider hit by mysterious, focused DDoS attack
May 25, 2016
Attack on NS1 sends 50 million to 60 million lookup packets per second.

USNA Graduates First Cyber Operations Midshipmen
May 25, 2016
The first 27 of the U.S. Naval Academy’s cyber operations majors graduate May 27 with the Class of 2016.

Apple hires Encryption Expert to Beef Up Security on its Devices
May 25, 2016
Apple has rehired security expert and cryptographer Jon Callas, who co-founded the widely-used email encryption software PGP and the secure-messaging system Silent Circle.

Beware of Fake USB Chargers that Wirelessly Record Everything You Type, FBI warns
May 24, 2016
The device includes a web-based tool for live keystroke monitoring and is capable of sending SMS alerts for typed keystrokes, usernames, or URLs.

ENISA- Europol issue joint statement
May 23, 2016
ENISA and Europol issue joint statement on lawful criminal investigation that respects 21st Century data protection.

Ke3chang Is Back and It’s Targeting Indian Embassies Around the Globe
May 23, 2016
Espionage group resurfaces after two and a half years.

Middle East Banks Under Attack via Malicious Excel Files
May 23, 2016
An unknown group is sending highly targeted and well-crafted spear-phishing emails to the employees of these banks.

Customs invests $1.4M to beef up cybersecurity
May 22, 2016
The Bureau of Custom has invested $1.4 million in a comprehensive cybersecurity program that will protect the government’s second largest tax agency from cybercriminal activities.

Japan to Create Cyber-Defense Government Agency to Protect SCADA Infrastructures
May 20, 2016
Japanese officials are considering creating a new government agency that will be tasked with protecting critical infrastructure against cyber-attacks,

Bank of England urges UK institutions to bulk up cybersecurity after Bangladesh hack
May 20, 2016
Bank of England issued an urgent call of all UK institutions to check for “indicators of compromise” on any computer connected to the Swift messaging service.

Cybersecurity investment to reach $400 million due to IoT threats
May 19, 2016
The cybersecurity industry could see a boost in venture capital, thanks to new threats the Internet of Things (IoT) provide to smart homes, autonomous cars, and future factories.

G-7 Nations Race to Bolster Security Against Cyberattacks in Finance
May 19, 2016
Group of Seven officials meeting in Japan discuss ways to coordinate efforts to fend off hackers

Hong Kong launches fresh plan to fortify cyber security after SWIFT heist
May 19, 2016
Hong Kong’s central bank has a launched a new program to strengthen lenders’ ability to protect their critical technology systems after recent attacks by unidentified groups on a global messaging system used by the financial community.

Another Day, Another Hack: 117 Million LinkedIn Emails And Passwords
May 18, 2016
A hacker is trying to sell the account information, including emails and passwords, of 117 million LinkedIn users.

Nuclear EK Authors Are Based in Russia, Make $100,000 per Month
May 18, 2016
Crooks infected nearly 2 million computers.

Suckfly Cyber-Espionage Group Targets Indian Government and Private Companies
May 18, 2016
A cyber-espionage group called Suckfly is targeting governments and big enterprises using a backdoor named Nidiran, a credential dumping tool dubbed Hacktool, Windows OLE exploit CVE-2014-6332, and stolen digital certificates.

Ukrainian Hacker Admits Role in Hacking Three Business Newswire Services
May 17, 2016
More suspects are expected to admit their crimes as well.

Apple’s big security update – but some iPad Pro users say they’ve been “bricked”
May 17, 2016
As usual, the principal OS X update applies to the current flavour of the operating system, El Capitan (OS 10.11), with a separate security update to patch the two versions before that, Mavericks (10.9.5) and Yosemite (10.10.5).

Singapore, Philippines central banks move to tighten cyber security
May 17, 2016
Singapore’s central bank has asked banks to maintain a high level of security for their critical IT systems following recent cyber attacks using the SWIFT financial messaging system.

Cybersecurity law given thumbs up by European Union’s ministers
May 17, 2016
Former adoption paves way for legislation at national level within next two years.

How Israel Became a Cybersecurity Superpower
May 16, 2016
Israel’s rise as one of the world’s leaders in cybersecurity has been boosted by cooperation between the military, government, education, and private sectors.

New method of producing random numbers could improve cybersecurity
May 16, 2016
University of Texas at Austin computer scientists have developed a new method for producing truly random numbers, a breakthrough that could be used to encrypt data and more accurately simulate complex systems such as Earth’s climate.

100pc of retailers worried about cyber security
May 16, 2016
As digital channels become increasingly important for retailers’ businesses, cyber security has jumped to the top of industry insiders’ lists of concerns.

NYIT Designated as National Center of Academic Excellence in Cyber Defense Education
May 16, 2016
The National Security Agency (NSA) and the Department of Homeland Security (DHS) have designated New York Institute of Technology (NYIT) as a National Center of Academic Excellence in Cyber Defense Education (CAE-CDE) through academic year 2021.

Criminals Planting Keyloggers On Smartphones
May 14, 2016
Smartphones will become the number one target for cyber criminals within five years, according to police and security experts.

Swift Finds Evidence of Second Malware Attack
May 12, 2016
Hackers used malicious software to gain access to bank’s fund-transfer system

TalkTalk profits halved in wake of cyber attack—boss says ISP is bouncing back
May 12, 2016
Telco claims “customer sentiment towards TalkTalk has recovered.”

Emergency Patch Coming to Fix Adobe Flash Zero-Day Used in Live Attacks
May 12, 2016
Adobe announced today another zero-day vulnerability in its Flash Player application.

US gov’t probes mobile phone industry over the sad state of security updates
May 12, 2016
FCC and FTC coordinate probe of OS developers, hardware makers, and carriers.

South Korea Accuses North Korea of Hacking Defense Contractor
May 11, 2016
South Korean officials said on Tuesday that one of their defense contractors, a military navy ship builder, suffered a cyber-attack on April 20.

£700M Bangladesh heist: Officials say SWIFT technicians left bank vulnerable
May 11, 2016
Bank officials say it wasn’t their fault that sensitive systems were exposed to hackers.

Internal up-skilling key to tackling cyber security skills shortage
May 11, 2016
What strategies can organisations use to ensure that they are able to hire the information security professionals they need and that good candidates are not being missed or overlooked?

Internet Explorer zero-day exploit used in targeted attacks in South Korea
May 10, 2016
Microsoft has patched an Internet Explorer zero-day vulnerability (CVE-2016-0189), which was exploited in targeted attacks in South Korea.

Symantec discusses the importance of cyber security in the oil and gas sector
May 10, 2016
With oil and gas revenues playing a vital role in Iraq’s economy, protecting of the critical infrastructure of oil and gas operations in Iraq and Kurdistan is crucial for the industry to continue to drive progress in the region.

UK data watchdog dishes out brace of fines to NHS after serious breaches
May 9, 2016
Bad timing for NHS in week its Google DeepMind data-sharing deal was revealed.

Half of UK enterprises are ignoring our cyber security advice, says government
May 9, 2016
Government finds two thirds of UK enterprises were hit by a cyber breach or attack in the past year, and only half took its recommended actions.

Register for Future of Cyber Conference and take advantage of the Early Bird Rates
May 9, 2016
Future of Cyber Conference – Cyber Trends will take place on 20-21 October 2016 in Prague, within the Future Forces Forum

Power networks on high alert amid cyber threats
May 8, 2016
Electricity network companies face having to further beef up their defences against cyber attacks as the rise of small-scale renewable power generation increases the vulnerability of the grid to attack.

Critical Qualcomm security bug leaves many phones open to attack
May 6, 2016
Fix still isn’t available for most users, and many will probably never get it.

UK manufacturing industry ‘must ramp up cyber security’
May 6, 2016
Research shows organisations’ security is failing to keep pace with technology advances.

Government pledges $22.2m to boost NZ cyber security defences
May 5, 2016
The Government has pledged $22.2 million to help bolster the country’s cyber security infrastructure, as part of the Budget 2016 announcements.

NIST unveils ‘flexible’ second draft for agency cybersecurity
May 5, 2016
NIST Special Publication 800-160 – is a guide for helping agencies and organizations assign value to their assets and choose the right set of tools that works best to secure their systems.

Huge number of sites imperiled by critical image-processing vulnerability
May 4, 2016
Attack code exploiting critical ImageMagick vulnerability expected within hours.

Russian Hacker Who Stole From Banks Ordered to Pay $7 Million
May 3, 2016
A Russian man who spent about 3 years behind bars in the United States has been spared further prison time but ordered to pay $7 Million to cover damages he caused to banks using a vicious computer virus.

Cybersecurity: Protecting your Industrial Control System
May 1, 2016
A holistic and proactive approach to cybersecurity can help protect your industrial control system from hackers.