September 2016

1 in 3 organizations have experienced an insider attack in the last year
https://www.helpnetsecurity.com/2016/09/30/insider-attack/
Excerpt:
“A new Bitglass report on insider threats in the enterprise found that, in a third of organizations surveyed, careless or malicious user behavior resulted in data leakage, up slightly from a year ago. 56 percent of respondents believe insider leaks have become more frequent in the last year.”
Public safety threat: Cyber attacks targeting smart city services
https://www.helpnetsecurity.com/2016/09/26/public-safety-threat/
Excerpt:
“A new survey conducted by Dimensional Research assessed cyber security challenges associated with smart city technologies. Survey respondents included over 200 IT professionals working for state and local governments.”
Rise of cyber attacks against the public sector
https://www.helpnetsecurity.com/2016/09/23/cyberattacks-public-sector/
Excerpt:
“The use of information and communication technologies in the public sector, specifically online government services, is a key factor for being targeted by cybercriminals. Technological advances have made it possible to store personal data in digital format, a great benefit to users, but also a highly-prized target.”
US elections and the hacking of e-voting machines
https://www.helpnetsecurity.com/2016/09/23/hacking-e-voting-machines/
Excerpt:
“As the day when US citizens cast a vote for their preferred presidential nominee quickly approaches, the issue of whether the actual voting process can be tampered with is a topic that interests many.”
Bad security habits persist, despite rising awareness
https://www.helpnetsecurity.com/2016/09/23/bad-security-habits/
Excerpt:
“While 82 percent of respondents believe the IT security industry is making progress against cyber attacks, those gains are undercut by egregious security practices in critical areas such as privileged account security, third-party vendor access and cloud, according to CyberArk.”
Georgia Student Arrested for Hacking University and Changing Grades
Catalin Cimpanu
http://news.softpedia.com/news/georgia-student-arrested-for-hacking-university-and-changing-grades-508560.shtml
Excerpt:
“Kennesaw police arrested Chase Arthur Hughes for hacking the private computer network of Kennesaw State Univeristy (KSU), changing grades and stealing sensitive information, Fox 5 Atlanta reports.”
Yahoo 'state' hackers stole data from 500 million users
http://www.bbc.co.uk/news/world-us-canada-37447016
Excerpt:
“Yahoo says "state-sponsored" hackers stole data on about 500 million users in what could be the largest publicly disclosed cyber-breach in history.The breach included swathes of personal information, including names and emails, as well as “unencrypted security questions and answers”.”
Biometric skimmers: Future threats to ATMs
https://www.helpnetsecurity.com/2016/09/23/biometric-skimmers/
Excerpt:
“Kaspersky Lab experts investigated how cybercriminals could exploit new biometric ATM authentication technologies planned by banks. While many financial organizations consider biometric-based solutions to be one of the most promising additions to current authentication methods, cybercriminals see biometrics as a new opportunity to steal sensitive information.”
Identity and personal data theft account for 64% of all data breaches
https://www.helpnetsecurity.com/2016/09/20/breach-level-index/
Excerpt:
“Data breaches increased 15% in the first six months of 2016 compared to the last six months of 2015, according to Gemalto.”
Cyber terrorism seen as biggest single future threat
https://www.helpnetsecurity.com/2016/09/21/cyber-terrorism-future-threat/
Excerpt:
“47% of UK IT decision makers (ITDMs) are more worried about cyber terrorism attacks now than they were 12 months ago, according to IP EXPO Europe. This was identified as the biggest cyber security risk in the future (27%), followed by attacks to national infrastructure (13%).”
Anonymous Hacks Four Italian Healthcare Organizations
Catalin Cimpanu
http://news.softpedia.com/news/anonymous-hacks-four-italian-healthcare-organizations-against-adhd-508445.shtml
Excerpt:
“Anonymous Italia and AntiSec-Italia, two hacktivist groups associated with the Anonymous hacker collective, have hacked and defaced four Italian healthcare organizations and leaked data from two.”
Ransomware families and volume of attacks continue to rise
https://www.helpnetsecurity.com/2016/09/20/ransomware-families/
Excerpt:
“During August, the number of active ransomware families grew by 12 percent while the number of detected attempted ransomware attacks increased by 30 percent. Two-thirds of all recognized ransomware families climbed the rankings in August, most of them by at least 100 positions.”
Identity and personal data theft account for 64% of all data breaches
https://www.helpnetsecurity.com/2016/09/20/breach-level-index/
Excerpt:
“Data breaches increased 15% in the first six months of 2016 compared to the last six months of 2015, according to Gemalto.”
Teen sues parents over embarrassing childhood photos on Facebook
Lisa Vaas
https://nakedsecurity.sophos.com/2016/09/16/teen-sues-parents-over-embarrassing-childhood-photos-on-facebook/
Excerpt:
“An 18-year-old woman is suing her parents for posting embarrassing, intimate tot shots of her onto Facebook and ignoring her pleas to take them down.”
Public cloud services market to grow to $208.6 billion in 2016
https://www.helpnetsecurity.com/2016/09/19/public-cloud-services-market-2016/
Excerpt:
“The worldwide public cloud services market is projected to grow 17.2 percent in 2016 to total $208.6 billion, up from $178 billion in 2015, according to Gartner, Inc. The highest growth will come from cloud system infrastructure services (IaaS), which is projected to grow 42.8 percent in 2016. Cloud application services (SaaS), one of the largest segments in the global cloud services market, is expected to grow 21.7 percent in 2016 to reach $38.9 billion.”
The hidden cost of the insider threat
https://www.helpnetsecurity.com/2016/09/19/insider-threat-hidden-cost/
Excerpt:
“Organizations are spending an average of $4.3 million annually to mitigate, address, and resolve insider-related incidents – with that spend surpassing $17 million annually in the most significant cases, according to the Ponemon Institute.”
Public/private anti-ransomware initiative seeing huge interest
Roi Perez
http://www.scmagazineuk.com/publicprivate-anti-ransomware-initiative-seeing-huge-interest/article/522465/
Excerpt:
“No More Ransomware, the free non-profit initiative launched by Intel Security, Kaspersky Lab and the Dutch Police has seen growing success.”
Hacker Steals Passwords for Science Site EurekAlert!, Leaks Embargoed News
Joseph Cox
http://motherboard.vice.com/read/hacker-steals-passwords-for-science-site-eurekalert-leaks-embargoed-news
Excerpt:
“Popular science website EurekAlert!, which handles embargoed reports on health, medicine, and technology, has been hacked, according to an announcement on the site published Tuesday.”
Canary Wharf computer hacker jailed for stealing thousands of pounds in gold
Francesca Gillett
http://www.standard.co.uk/news/london/canary-wharf-computer-hacker-jailed-for-stealing-thousands-of-pounds-in-gold-a3343241.html
Excerpt:
“A thief has been jailed after he stole thousands of pounds worth of gold by hacking into a company computer system from his Canary Wharf home.”
Man hacked, blackmailed gold bullion trading firm
Zeljka Zorz
https://www.helpnetsecurity.com/2016/09/13/gold-bullion-trading-hack/
Excerpt:
“25-year-old Adam Penny hacked the systems of an unnamed gold bullion trading firm, and used the stolen information about gold deliveries to intercept them before they are delivered to the rightful owners.”
Seagate sued by own staff over data theft
http://www.bbc.co.uk/news/technology-37337741
Excerpt:
“Hardware maker Seagate is facing a lawsuit mounted by some of its own employees whose personal information has been lost by the firm.”
How America’s 911 emergency response system can be hacked
Kim Zetter
https://www.washingtonpost.com/news/the-switch/wp/2016/09/09/how-americas-911-emergency-response-system-can-be-hacked/
Excerpt:
“Critical to the success of the 911 emergency phone system, which has saved countless lives since it was first implemented in 1968, is its ability to quickly route calls to emergency responders closest to a caller.”
Organization must modify the network access policy to address IoT devices
https://www.helpnetsecurity.com/2016/09/12/address-iot-devices/
Excerpt:
“By 2020, 21 billion of Internet of Things (IoT) devices will be in use worldwide. Of these, close to 6 percent will be in use for industrial IoT applications.”
Two CWA Hackers Arrested for Hacking Several Three-Letter US Agencies
Catalin Cimpanu
http://news.softpedia.com/news/two-cwa-hackers-arrested-for-hacking-several-us-three-letter-agencies-508111.shtml
Excerpt:
“The FBI has arrested and charged two members of CWA (Crackas With Attitude) hacking squad, making them the fourth and fifth members apprehended by authorities.”
Sophisticated Mokes backdoor targets Mac users
Zeljka Zorz
https://www.helpnetsecurity.com/2016/09/08/mokes-backdoor-targets-macs/
Excerpt:
“A new malware targeting Macs has been discovered: the Mokes backdoor.”
Stealing login credentials from locked computers in 30 seconds or less
Zeljka Zorz
https://www.helpnetsecurity.com/2016/09/08/stealing-login-credentials-locked-computers/
Excerpt:
“Security researcher Rob Fuller has demonstrated a simple way for stealing login credentials from locked computers running Windows and Mac OS X”
Gugi banking Trojan outsmarts Android 6 security
https://www.helpnetsecurity.com/2016/09/07/gugi-banking-trojan/
Excerpt:
“A modification of the Gugi banking Trojan that can bypass Android 6 security features designed to block phishing and ransomware attacks. The modified Trojan forces users into giving it the right to overlay genuine apps, send and view SMS, make calls and more.”
Mirai Linux Trojan corrals IoT devices into DDoS botnets
Zeljka Zorz
https://www.helpnetsecurity.com/2016/09/07/mirai-linux-trojan-iot-ddos-botnets/
Excerpt:
“Mirai, a newly discovered and still poorly detected piece of Linux malware, is being used to rope IoT devices into DDoS botnets.”
Teenager hacks Sri Lankan president's website to protest exams
Max Metzger
http://www.scmagazineuk.com/teenager-hacks-sri-lankan-presidents-website-to-protest-exams/article/520647/
Excerpt:
“As reported by Sri Lanka's Daily News, the 17-year-old from the province of Kadugannawa hacked into President Maithripala Sirisena‘s personal website to protest the date of upcoming exams. He was arrested on August 29 by Sri Lanka's Crimes Investigation Department.”
UAE: Al Zahra Private Medical Centre hacked
https://www.databreaches.net/uae-al-zahra-private-medical-centre-hacked/
Excerpt:
“The web site of Al Zahra Private Medical Centre in the United Arab Emirates  was reportedly hacked last month by the individual calling himself “websites-hunter” (@websiteshunter on Twitter). The hack was announced on Twitter on August 31 and on Pastebin on the same day.”
India and UK sign MoU for knowledge exchange on cyber-sec incidents
Danielle Correa
http://www.scmagazineuk.com/india-and-uk-sign-mou-for-knowledge-exchange-on-cyber-sec-incidents/article/519894/
Excerpt:
“India and the UK have signed a Memorandum of Understanding (MoU) for close cooperation on counter cyber-attacks faced by these countries.The MoU is aimed to promote closer cooperation between India and the UK for exchange of knowledge and experience in detection, resolution and prevention of security-related incidents.”
Hacker Guccifer sentenced to 52 months in prison
https://www.helpnetsecurity.com/2016/09/02/hacker-guccifer-sentenced-prison/
Excerpt:
“Romanian hacker Guccifer, i.e Marcel Lehel Lazar, who unlawfully accessed the private online accounts of at least 100 Americans and caused the public release of this information on the Internet, was sentenced to a total of 52 months in prison for unauthorized access to a protected computer and aggravated identity theft.”
Programmer arrested for hacking Linux Kernel Organization
https://www.helpnetsecurity.com/2016/09/02/arrested-hacking-linux-kernel-organization/
Excerpt:
“A South Florida-based computer programmer made an appearance in the Southern District of Florida yesterday after being arrested Sunday on charges of hacking into computers operated by the Linux Kernel Organization and the Linux Foundation.”
Mobile ransomware increases 200 percent
https://www.helpnetsecurity.com/2016/09/02/mobile-ransomware-increases-200-percent/
Excerpt:
“There’s been a startling 200 percent increase in mobile ransomware detection in Q2, according to Quick Heal. This amounts to nearly 50 percent of the ransomware detected in all four quarters of 2015 combined.”
Read full article