Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Small Cities have a Surprisingly High Number of Exposed Devices
We released a report about the exposed cyberassets in the top U.S. cities and most critical industry segments — and in many cases, it was the smaller municipalities that had the largest number of problems.
Trend Micro Endpoint Security Recognized with Recommended Rating by NSS Labs
In addition to Trend Micro receiving one of the highest malware protection scores with no false positives, Trend Micro’s endpoint security scored as 100% effective against exploits and evasion. NSS Labs testing demonstrates a deep understanding that 90% of malware targets a single device, and cyber criminals are designing more sophisticated malware to evade specific defenses or to exploit known software vulnerabilities.
President Trump’s Administration Did Not Attend RSA
As much of the world’s top cybersecurity professionals gathered for the annual RSA conference in San Francisco this week, one group was noticeably absent: top White House officials, who have in the past headlined sessions aimed at closing the gap between the administration and Silicon Valley on cybersecurity policy, were nowhere to be found.
Cybercrime Business is Still Booming
Evil hackers with monomaniacal intentions of a globe-disrupting nature have long dominated pop culture sensibilities. But when it comes to for-profit hacking, it’s important to remember that cybercrime has been, and remains, predominantly a business-driven concern.
Security Firm Loses Bid to Suppress Unflattering Test Results
CrowdStrike on Friday sought a temporary restraining order and preliminary injunction in Delaware to stop NSS from publishing its full Advanced Endpoint Protection Group test, which includes an assessment of CrowdStrike’s Falcon product. The federal court denied CrowdStrike’s request on Monday, and NSS Labs on Tuesday published its test results.
Mirai Widens Distribution with New Trojan that Scans More Ports
Late last year, in several high-profile and potent DDoS attacks, Linux-targeting Mirai (identified by Trend Micro as ELF_MIRAI family) revealed just how broken the Internet of Things ecosystem is. The malware is now making headlines again, thanks to a new Windows Trojan that drastically increases its distribution capabilities.
Executive Order on Cybersecurity for U.S. Has Been Held Back
That executive order, something each administration has issued since the George W. Bush presidency, was withheld without explanation on the day it was supposed to be signed. Examination of the original order obtained by the Washington Post and the subsequent revision obtained by Lawfare show substantial differences.
CERBER Now Triple Checks for Security Software
We’ve started seeing CERBER variants (which we detect as RANSOM_CERBER.F117AK) add a new wrinkle to their behavior: they have gone out of their way to avoid encrypting security software. How did they do this?
IDC Ranked Trend Micro #1 for Corporate Server Security Worldwide for 7th Year in a Row
Servers are the workhorses of IT, and the compute evolution has changed the definition of what a server workload is. Recognizing this, we’ve been working hard to provide security that can consistently protect servers across physical, virtual, cloud, and now containers, helping thousands of organizations around the world secure millions of servers.
President Hollande Requests Cybersecurity Briefing on French Election
French President Francois Hollande requested a full briefing on what is being done to fend off cyber interference in the 2017 presidential race. Hollande’s request comes after independent candidate Emmanuel Macron reported repeated cyber-attacks on his campaign and blaming Russian interference.
The UK’s National Cybersecurity Center was Launched this Week
The UK’s National Cyber Security Centre (NCSC) was officially launched this week – a government sponsored organization that is focused on improving the UK’s cyber security and cyber resilience. The NCSC will manage incidents, analyze threats and offer advice on online security, enabling generations to navigate the internet safely and to be protected from the growing threat of online attack.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.