Ransomware Attackers Demanded $19K from California School District

David Bisson

https://www.tripwire.com/state-of-security/latest-security-news/ransomware-attackers-demanded-19k-california-school-district/

Excerpt:

“Ransomware attackers demanded $19,000 from a California school district for a decryption key that would unlock its encrypted data.”


Cybercriminals increasingly focusing on credential theft

https://www.helpnetsecurity.com/2017/09/29/credential-theft/

Excerpt:

“Criminal tactics used to access user credentials are growing in prevalence, and that a record 47 percent of all malware is new or zero day, and thus able to evade signature-based antivirus solutions, according to WatchGuard.”


Iranian APT33 Hackers Launch Phishing Attacks on Aviation, Energy Industries

Jeff Goldman

https://www.esecurityplanet.com/threats/iranian-apt33-hackers-launch-phishing-attacks-on-aviation-energy-industries.html

Excerpt:

“FireEye researchers recently determined that an Iranian government hacking group, which the researchers are calling APT33, uses phishing attacks to target companies in the U.S., Saudi Arabia and South Korea. The group has been in operation since at least 2013.”


Singapore banks closing accounts of cryptocurrency firms

https://www.out-law.com/en/articles/2017/september/singapore-banks-closing-accounts-of-cryptocurrency-firms/

Excerpt:

“Two Singapore trade bodies told the Business Times that their members have faced problems with banks closing accounts.”


Europol Warns Banks ATM Cyber Attacks on the Rise

http://www.securityweek.com/europol-warns-banks-atm-cyber-attacks-rise

Excerpt:

“Cyber criminals are increasingly accessing ATM machines through the banks' networks, with squads of money mules standing by ready to pick up the stolen cash, Europe's policing agency warned Tuesday.”


Skynet in China: Real-life 'Person of Interest' spying in real time

Ms. Smith

https://www.csoonline.com/article/3228444/security/skynet-in-china-real-life-person-of-interest-spying-in-real-time.html

Excerpt:

“AI married to CCTV surveillance in China uses facial recognition and GPS tracking to overlay personal identifying information on people and cars in real time”


Shocker? Companies still unprepared to deal with ransomware

https://www.helpnetsecurity.com/2017/09/27/unprepared-ransomware/

Excerpt:

“Companies and government agencies are overwhelmed by frequent, severe ransomware attacks, which have now become the #1 cyber threat to organizations, according to Crowd Research Partners.”


ATM hackers switch to network-based attacks

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/27/atm-network-based-attacks/

Excerpt:

“More and more attacks against ATMs are network-based, Trend Micro researchers have found.”


After hack, security researchers probe Deloitte’s security posture

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/27/deloitte-security-posture/

Excerpt:

“It’s difficult – if not impossible – for any organization to keep their networks and systems completely safe from knowledgeable, well-resourced and determined attackers.”


A simple example of a complex cyberattack

Vasily Berdnikov, Dmitry Karasovsky, Alexey Shulmin

https://securelist.com/a-simple-example-of-a-complex-cyberattack/82636/

Excerpt:

“We’re already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the case in the malicious campaign that we detected a while ago – we named it ‘Microcin’ after microini, one of the malicious components used in it.”


This popular Android keyboard app has been secretly collecting data and could be spying on users

India Ashok

http://www.ibtimes.co.uk/this-popular-android-keyboard-app-has-been-secretly-collecting-data-could-be-spying-users-1640665

Excerpt:

“The popular Android custom keyboard app Go Keyboard was found secretly collecting user data and sending it to remote servers. The app, which is available via Google Play Store and third-party app stores and has been downloaded by over 400 million users, was also found downloading "dangerous" executable code from a third-party server.”


China blocks WhatsApp

Shannon Liao

https://www.theverge.com/2017/9/25/16362292/china-whatsapp-censorship-wechat-no-more-texts

Excerpt:

“China has blocked WhatsApp, security experts confirmed today to The New York Times. Over the past few months, WhatsApp has experienced brief disruptions to service, with users unable to send video chats or photos. Now, even text messages are completely blocked, according to Nadim Kobeissi, an applied cryptographer at Symbolic Software, a Paris-based research firm that also monitors digital censorship in China.”


Lawyer: Hacker in Spanish custody sought by US, Russia

http://www.bostonherald.com/news/international/2017/09/lawyer_hacker_in_spanish_custody_sought_by_us_russia

Excerpt:

“Russian authorities are fighting the extradition of an alleged Russian hacker from Spain to the United States, the suspect's lawyer said Friday, in the latest move by Moscow to block U.S. prosecution of suspected Russian cybercriminals.”


Criminal hacking: Top technology risk to health, safety and prosperity

https://www.helpnetsecurity.com/2017/09/25/criminal-hacking/

Excerpt:

“Americans believe criminal hacking into computer systems is now a top risk to their health, safety and prosperity. Criminal hacking, a new ESET survey finds, outranks other significant hazards, including climate change, nuclear power, hazardous waste, and government surveillance.”


Android unlock patterns are a boon for shoulder surfing attackers

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/25/android-unlock-patterns/

Excerpt:

“The “swiping” unlock patterns typical for Android devices are considerably easier for attackers to discern than PIN combinations.”


Industry reactions to the Deloitte cyber attack

https://www.helpnetsecurity.com/2017/09/25/industry-reactions-deloitte-cyber-attack/

Excerpt:

“Deloitte has been targeted in an attack that compromised the emails and plans of some of its clients. Here are some of the industry comments Help Net Security received regarding this incident.”


CCleaner hackers targeted tech giants with a second-stage malware

Pierluigi Paganini

http://securityaffairs.co/wordpress/63282/apt/ccleaner-hack-tech-giants.html

Excerpt:

“The threat actor that recently compromised the supply chain of the CCleaner software to distribute a tainted version of the popular software targeted at least 20 major international technology firms with a second-stage malware.”


Passwords to Over a Half Million Car Tracking Devices Leaked Online

Dell Cameron

https://gizmodo.com/passwords-to-access-over-a-half-million-car-tracking-de-1818624272

Excerpt:

“We’ve seen a lot of data breaches this year: some big, some small, some that are dangerous, and some that are just embarrassing. But if we were to name one as the creepiest data breach of 2017, this leak of logins for car tracking devices might take the cake.”


When Responding to a Data Breach, Cooperation Is Nine-Tenths of the Law

George Moraetes

https://securityintelligence.com/when-responding-to-a-data-breach-cooperation-is-nine-tenths-of-the-law/

Excerpt:

“In recent years, several high-profile breaches involving customer data have led to long and costly litigations. These events demonstrated that data protection is more than just a cybersecurity concern.”


ISPs in at least two countries were involved in delivering surveillance FinFisher Spyware

Pierluigi Paganini

http://securityaffairs.co/wordpress/63258/malware/finfisher-spyware-isps.html

Excerpt:

“Finfisher infected victims in seven countries and experts believe that in two of them the major internet providers have been involved.”


Researchers Link CCleaner Hack to Cyberespionage Group

Lucian Constantin

https://motherboard.vice.com/en_us/article/7xkxba/researchers-link-ccleaner-hack-to-cyberespionage-group

Excerpt:

“The recent attack that resulted in 2.2 million users installing infected versions of a popular Windows system optimization tool might have been the work of a sophisticated cyberespionage group with a history of software supply chain compromises.”


Hackers behind CCleaner compromise were after Intel, Microsoft, Cisco

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/21/ccleaner-compromise-targets/

Excerpt:

“There is a new twist in the CCleaner hack saga: the attackers apparently didn’t set out to compromise as many machines as possible, but were after some very specific targets.”


46,000 new phishing sites are created every day

https://www.helpnetsecurity.com/2017/09/22/46000-new-phishing-sites/

Excerpt:

“An average of 1.385 million new, unique phishing sites are created each month, with a high of 2.3 million sites created in May. The data collected by Webroot shows today’s phishing attacks are highly targeted, sophisticated, hard to detect, and difficult for users to avoid. The latest phishing sites employ realistic web pages that are hard to find using web crawlers, and they trick victims into providing personal and business information.”


Setting the standard for a blockchain protocol for IoT

https://www.helpnetsecurity.com/2017/09/20/blockchain-iot/

Excerpt:

“A wide range of blockchain technology companies and enterprises like Cisco, Gemalto and Bosch have launched the Trusted IoT Alliance, an initiative that aims to bring companies together to develop and set the standard for an open source blockchain protocol to support IoT technology in major industries worldwide.”


Using security cameras and infrared light to extract data from air-gapped networks

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/20/extract-data-from-air-gapped-networks/

Excerpt:

“Researchers have demonstrated that it’s possible for attackers to covertly exfiltrate data from and send data into an air-gapped network by using the infrared light capabilities of (indoor and outdoor) security cameras connected to it.”


Worldwide security appliance revenue increased to $3 billion

https://www.helpnetsecurity.com/2017/09/19/worldwide-security-appliance-revenue/

Excerpt:

“According to IDC, the total security appliance market saw positive growth in both vendor revenue and unit shipments for the second quarter of 2017 (2Q17). Worldwide vendor revenues in the second quarter increased 9.2% year over year to $3 billion and shipments grew 7.0% year over year to 706,186 units.”


Number of lost, stolen or compromised records increased by 164%

https://www.helpnetsecurity.com/2017/09/20/lost-stolen-compromised-records/

Excerpt:

“According to Gemalto’s Breach Level Index, 918 data breaches led to 1.9 billion data records being compromised worldwide in the first half of 2017.”


Here’s How Hackers Can Hijack Your Online Bitcoin Wallets

Mohit Kumar

http://thehackernews.com/2017/09/hacking-bitcoin-wallets.html#

Excerpt:

“Researchers have been warning for years about critical issues with the Signaling System 7 (SS7) that could allow hackers to listen in private phone calls and read text messages on a potentially vast scale, despite the most advanced encryption used by cellular networks.”


Retailers Experience Two Cyber Attacks Every Week

Zynstra

https://www.informationsecuritybuzz.com/study-research/retailers-experience-two-cyber-attacks-every-week-2/

Excerpt:

“Retailers are responding to cyber attacks on average twice a week — this is according to the latest research from Zynstra, an enterprise-grade IT software provider. 16% of retailers said they experienced an attack or attempted attack every day, 11% said they responded 2-3 times per week, and 64% said once a month.”


Apple’s Face ID can be quickly disabled in an emergency

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/18/disable-face-id/

Excerpt:

“A week ago, Apple debuted iPhone X and Face ID, a new biometric security mechanism that replaces Touch ID.”


Hackers backdoored CCleaner, likely affecting millions of users

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/18/hackers-backdoored-ccleaner/

Excerpt:

“Legitimately signed but backdoored versions of the popular CCleaner utility were available for download from the developer’s Web site and servers for nearly a month, Cisco Talos researchers have discovered.”


Cybercriminals deploying assortment of banking Trojans and ransomware

https://www.helpnetsecurity.com/2017/09/18/banking-trojans-ransomware-august-2017/

Excerpt:

“Check Point revealed that banking trojans were extensively used by cybercriminals during August, with three variants appearing in the company’s latest Global Threat Impact Index.”


Federal agents can search your phone at the US border — here’s how to protect your personal information

Rebecca Harrington

http://www.businessinsider.my/can-us-border-agents-search-your-phone-at-the-airport-2017-2/?r=US&IR=T

Excerpt:

“When you’re entering the United States, federal agents have broad authority to search citizens and visitors alike – but a new lawsuit filed Wednesday is trying to change that.”


3 Countries with 3 Different Legal Approaches to the Cloud

Sean Westbrook

https://themerkle.com/3-countries-with-3-different-legal-approaches-to-the-cloud/

Excerpt:

“One of the most fascinating things to watch is how different governments and organizations deal with the advent of cutting-edge tech. It’s particularly interesting to watch the legislative process to see how each individual country decides to regulate these new platforms, gadgets and tools.”


British computer hacker, 25, stole data from US military communications systems including 30,000 satellite phones in £450,000 attack

Rory Tingle

http://www.dailymail.co.uk/news/article-4884920/British-computer-hacker-25-stole-data-military.html

Excerpt:

“A British computer hacker who gained unauthorised access to data from US military communication systems has been handed a suspended prison sentence.”


Zerodium offers $1 Million for Tor Browser Exploits

Pierluigi Paganini

http://securityaffairs.co/wordpress/63006/hacking/zerodium-tor-browser-exploit.html

Excerpt:

“The company ZERODIUM announced it will pay up to $1 million for fully working zero day exploits for Tor Browser on Tails Linux and Windows OSs.”


Why end-to-end encryption is about more than just privacy

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/13/end-to-end-encryption/

Excerpt:

“The question of whether regular people need end-to-end encryption will surely be debated for quite some time. But for Alan Duric, CEO and co-founder of Wire, the question can only have a positive answer.”


Billions of mobile, desktop and IoT devices potentially exposed to BlueBorne Attack

Pierluigi Paganini

http://securityaffairs.co/wordpress/62968/hacking/blueborne-attack.html

Excerpt:

“Billions of mobile, desktop and IoT devices that use Bluetooth may be exposed to a new stealthy remote attack dubbed BlueBorne attack.”


European banks at mercy of US regulators

https://www.helpnetsecurity.com/2017/09/12/european-banks-us-regulators/

Excerpt:

“European banks are under disproportional enforcement pressure from US regulators. Since 2012, of the $38.4bn levied in economic crime fines worldwide, 97 percent of all fines have come from US regulators. With the average fine for European banks being ten times the amount US banks have been served.”


Billions of Bluetooth-enabled devices vulnerable to new airborne attacks

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/13/blueborne/

Excerpt:

“Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute malicious code on, or perform a MitM attack against vulnerable devices.”


South Korea Prepares to Introduce New Cryptocurrency Regulations

JP Buntinx

https://themerkle.com/south-korean-officials-prepare-to-introduce-new-cryptocurrency-regulations/

Excerpt:

“Every time a country tries to introduce new cryptocurrency regulation, there is a valid reason for concern. South Korea is the next country on the list to do exactly that, which is a potential problem. Considering how South Korean cryptocurrency exchanges are driving much of the trading volume right now, additional regulation could upset the balance. As of right now, local financial regulators wish to tighten the existing regulation across the country.”


Dragonfly hackers gained operational access to European, US power companies

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/07/operational-access-european-us-power-companies/

Excerpt:

“The Dragonfly hacking group is back – or should we say it probably never went away – and is still interested in penetrating the networks of European and US companies in the energy sector.”


Insider threats and ransomware are most feared, followed by DDoS attacks

https://www.helpnetsecurity.com/2017/09/08/insider-threat-ransomware-ddos-fear/

Excerpt:

“A new SANS survey found that ransomware, insider threats and denial of service are considered the top three threats organizations face when it comes to securing sensitive data.”


13% of SMBs have experienced an IoT-based attack

https://www.helpnetsecurity.com/2017/09/08/smb-iot-based-attack/

Excerpt:

“One in four companies have already experienced a ransomware attack and one in eight have dealt with an IoT-based attack, according to Arctic Wolf Networks.”


SynAck Ransomware Sees Huge Spike in Activity

Catalin Cimpanu

https://www.bleepingcomputer.com/news/security/synack-ransomware-sees-huge-spike-in-activity/

Excerpt:

“Over the past two days, there was an increase in activity from a relatively unknown ransomware strain named SynAck, according to victims who sought assistance in the Bleeping Computer ransomware support forums and from submissions to the ID-Ransomware service.”


European court says workplace surveillance must not violate workers’ privacy

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/06/workplace-surveillance-privacy/

Excerpt:

“European companies must strike a fair balance between workplace surveillance and their employees’ right to privacy, the European Court of Human Rights (ECHR) has ruled.”


Skilled security staff are hard to find, security teams need to be creative

https://www.helpnetsecurity.com/2017/09/07/skilled-security-staff/

Excerpt:

“A study conducted in July by Dimensional Research examined how organizations are addressing the cybersecurity skills gap. Study respondents included 315 IT security professionals at U.S.-based companies with more than 100 employees.”


VPN Reseller in China Sentenced to 9 Months in Jail

JP Buntinx

https://themerkle.com/vpn-reseller-in-china-sentenced-to-9-months-in-jail/

Excerpt:

“Most people are well aware that the Chinese government does not like freedom of speech all that much. The government has no intention of providing access to most online sources of information either. The Great Firewall of China has been subject to plenty of scrutiny over the years. One way to bypass this problem is using a VPN. However, one person selling VPNs to evade the country’s blockade recently got jailed for his actions.”


Taringa Data Breach, over 28 Million users affected

Pierluigi Paganini

http://securityaffairs.co/wordpress/62704/data-breach/taringa-data-breach.html

Excerpt:

“Taringa, also known as ‘The Latin American Reddit’, is a popular social network used by netizens in Latin America to create and share thousands of posts every day on general interest topics.”


Chinese cryptocurrency crackdown

Shane Curtis

https://www.welivesecurity.com/2017/09/05/chinese-cryptocurrency-crackdown/

Excerpt:

“China banned the raising of funds using token-based digital currencies and deemed the practice illegal on Monday, in a move seen as an attempt to impose more regulations on the virtual market.”


Hackers stole contact info of 6 million Instagram users and are selling it online

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/05/instagram-users-contact-info-stolen/

Excerpt:

“Last week, Instagram pushed out a patch for a bug in the service’s API that allowed attackers to discover users’ email address and/or phone number.”


US Government Site Was Hosting Ransomware

Michael Mimoso

https://threatpost.com/us-government-site-removes-link-to-cerber-ransomware-downloader/127767/

Excerpt:

“As recently as Wednesday afternoon, a U.S. government website was hosting a malicious JavaScript downloader that led victims to installations of Cerber ransomware.”


Cancer Treatment Center Notifies 19K Patients of Ransomware Attack

David Bisson

https://www.tripwire.com/state-of-security/latest-security-news/cancer-treatment-center-notifies-19k-patients-ransomware-attack/

Excerpt:

“A cancer treatment center has notified more than 19,000 patients of a ransomware attack that might have affected their personal and medical information.”


Locky ransomware returns with new tricks up its sleeve

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/01/locky-returns-new-tricks/

Excerpt:

“Locky ransomware is back, again, delivered with the help of new tricks to fool users and anti-malware defenses.”


Canadian university scammed out of $11.8 million

Zeljka Zorz

https://www.helpnetsecurity.com/2017/09/01/university-scam/

Excerpt:

“MacEwan University in Edmonton, Alberta, is the latest confirmed victim of scammers.”


WikiLeaks hack reveals effectiveness of crude attacks

https://www.v3.co.uk/v3-uk/news/3016484/wikileaks-hack-reveals-effectiveness-of-crude

Excerpt:

“WikiLeaks suffered a cyber-attack this morning from white hat collective OurMine, which posted a message on the site's homepage saying, "It's OurMine (security group). Don't worry we are just testing your... blablalblab oh wait, this is not a security test! WikiLeaks remember when you challenged us to hack you?”


Stealthy backdoor used to spy on diplomats across Europe

Zeljka Zorz

https://www.helpnetsecurity.com/2017/08/31/backdoor-spy-diplomats-europe/

Excerpt:

“A new, sophisticated backdoor Trojan has been used to spy on targets in embassies and consulates across Southeastern Europe and former Soviet Union republics.”