Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
INTERPOL Arrests Business Email Compromise Scam Mastermind
Through collaboration with Trend Micro researchers, INTERPOL and Nigeria’s Economic and Financial Crime Commission (EFCC), recently struck a blow against Business Email Compromise (BEC) scams when they arrested a 40-year-old Nigerian national named “Mike,” who was the mastermind behind multiple BEC, 419, and romance scams.
Self-Promoting App in Google Play Cashes In on Pokémon Go
The location-based, augmented reality mobile game Pokémon Go is taking the world by storm. Unsurprisingly, scammers and cybercriminals are quick to cash in on its massive popularity, creating malicious versions of the game and related help apps that lock screens and deliver scareware and adware, even a remote access trojan.
The Security of Two-Factor Authentication and SMS Messages Is in Question
Last week, a lot of tech media sites were breathlessly reporting how the National Institute of Science and Technology (NIST) in the United States was saying that two-factor authentication (2FA) via SMS messages would be “deprecated” in future standards. Some took this to mean that this technique was insecure, and that users should shy away from this method.
Cyberattack Claims Multiple Airports in Vietnam
Hackers on Friday successfully pulled-off cyberattacks against Vietnam’s two largest airports and the nation’s flag carrier, Vietnam Airlines. The attacks — attributed to a Chinese hacking group known as 1937CN — ultimately failed to cause any significant security issues or air traffic control problems, Vice Minister of Transport Nguyen Nhat told local media.
Bitfinex Customers Lose Millions in Major Cyberattack
Major Bitcoin exchange Bitfinex has suffered a suspected hack leading to the theft of an estimated $66 million worth of the crypto-currency at current exchange rates. The Hong Kong-based firm – which is said to be one of the biggest of its kind in the world – explained in a homepage message that it had suffered a security breach forcing it to halt all deposits and withdrawals.
Banner Health Was Compromised by Cyberattack on 3.7 Million People’s Personal Data
Individuals’ data may have been compromised by hackers that hacked in via food and beverage payment systems and infiltrated of 3.7 million individual patient healthcare data. “On July 13, 2016, we discovered that cyberattackers may have gained unauthorized access to information stored on a limited number of Banner Health computer servers,” Banner Health said in a statement.
FBI Neglected to Tell DNC It Was Target of Russian Cyberattack Last Fall
The FBI did not tell the Democratic National Committee that U.S. officials suspected it was the target of a Russian government-backed cyberattack when agents first contacted the party last fall, three people with knowledge of the discussions told Reuters. And in months of follow-up conversations, the FBI did not warn party officials that the attack was being investigated as Russian espionage, the sources said.
Experts Admit ‘Highly Prized’ Offensive Capabilities Can Hack Enemy Networks From Under the Sea
America’s stealth submarines are being used to carry out cyberattacks and listen in on enemy computer networks, two US Navy officials have revealed. The secret offence capabilities were revealed at a recent Washington conference. ‘There is a — an offensive capability that we are, that we prize very highly,’ said Rear Adm. Michael Jabaley, the U.S. Navy’s program executive officer for submarines, at a Center for Strategic and International Studies event in Washington.
The Kremlin Is Sure to Keep Its Fingerprints Off Any Cyberattack
It has become something of a ritual over the past decade. Revelations of a cyberattack against a geopolitical foe of Russia, accusations from Western leaders, and then the inevitable Kremlin response: “Prove it.” Plausible deniability has long been a key attraction in cyberespionage, a practice that most governments, including the United States, pursue.
The World’s Biggest Student Cybersecurity Event Is Coming to Abu Dhabi in November
The world’s best students in cyber security will descend on Abu Dhabi in November as New York University Abu Dhabi (NYUAD) hosts the Cyber Security Awareness Week (CSAW).
The event will see students put their knowledge on information security to the test in a series of elimination rounds.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.