Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Ransomware Has Become a Serious Threat to Enterprises
Cybercrime as a Service (CaaS) has been a growing trend throughout Deep Web forums for several years. Inexperienced and, quite frankly, lazy cybercriminals can purchase CaaS tools and services from more advanced operators to launch their own malware, spam, phishing and other malicious campaigns at the click of a button.
New Ransomware Research Shows Firms Should Wise Up Not Pay Up
Most IT leaders have by now either encountered ransomware or know someone who has. But how many really understand the threat, its potential impact on the organization and how best to mitigate it? To find out, Trend Micro commissioned new research – both to shine a light on the problem and to provide those IT decision makers with some valuable guidance on how to best insulate their systems and data.
The French Dark Net Is Looking for Grammar Police
Can you read and write in French? Do you have a keen eye for detail to spot mistakes and correct French spelling and grammar? You may just have a promising career as a cybercriminal; that is if you don’t mind getting paid with stolen goods. We found that the French underground marketplace was looking for a person tasked to clean up content by checking for misspellings and overall readability.
Pokémon-Themed Umbreon Linux Rootkit Hits x86, ARM Systems
The Trend Micro Forward Looking Threat Research team recently obtained samples of a new rootkit family from one of our trusted partners. This rootkit family called Umbreon targets Linux systems, including systems running both Intel and ARM processors, expanding the scope of this threat to include embedded devices as well.
Zero Day Initiative (ZDI) Invites You to Join Mobile Pwn2Own 2016
After taking a year off to do some paperwork, the Zero Day Initiative (ZDI) invites you to join us for the fifth annual Mobile Pwn2Own competition, to be held this year on October 26 and 27 at the PacSec Security Conference in Tokyo, Japan. We’re looking forward to rewarding top security researchers for demonstrating and disclosing their attacks on the latest and most popular mobile devices.
St. Jude Sues Over Heart Device Allegations
St. Jude Medical Inc on Wednesday sued short-selling firm Muddy Waters and cybersecurity company MedSec Holdings Ltd, saying they intentionally disseminated false information about its heart devices to manipulate its stock. Muddy Waters said in late August that St. Jude’s pacemakers and defibrillators had cybersecurity flaws that enabled them to be hacked and manipulated.
Experts Say Almost Everything Can Be Hacked
Healthcare organizations need to implement high-end network monitoring and network anomaly detection, according to Core Security general manager Chris Sullivan. Digital records of healthcare information have become quite valuable to cybercriminals, and healthcare is widely considered to be behind other industries in implementing the best tactics and technologies to protect data.
Austrian Officials Investigate Attempted Cyberattack of Vienna’s Airport
Austria’s Interior Ministry is reportedly investigating a hacking group known as ‘Aslan Neferler Tim’ that has claimed responsibility for an attempted cyberattack of Vienna’s airport. The hacking group, also known as ‘Lion Soldiers Team,’ announced this weekend that the group attacked the airport in response to the “racism” of airport officials.
Hackers Exploit Android Flaw to Target Iranian Activists
Suspected state-sponsored hackers have intensified their attempts to break into the online accounts of Iranian rights activists in recent weeks by exploiting security vulnerabilities in Android smartphones. On August 11, 2016 an unknown person sent a message on Facebook to a prominent Iranian political activist living in Paris and introduced himself as a former student.
OPM Cyberattack Had Missed Opportunities
It was time to purge the hacker from the U.S. government’s computers. After secretly monitoring the hacker’s online movements for months, officials worried he was getting too close to critical information and devised a plan, dubbed “the Big Bang,” to expel him. Trouble was, with all their attention focused in that case, they missed the other hacker entirely.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.