Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
In 2016, cyber extortionists will devise new ways to target its victim’s psyche to make each attack “personal.” Threats will evolve to rely more on mastering the psychology behind each scheme than mastering the technical aspects of the operation. Security vendors will need to work together with law enforcement and would-be victims to help combat these evolving threats.
Our two new Follow the Data reports have been compiled from 10 years’ worth of information collated by non-profit the Privacy Rights Clearinghouse. You might be surprised to hear that only 12.5% of breaches over the period 2005-15 happened to retailers. It’s also notable that hacking and malware incidents have shown a major increase since 2005, thanks to the success of POS RAM scrapers.
Google’s Android platform is the most popular operating system in the world, but it’s not without its vulnerabilities. Stagefright was a vulnerability discovered by Zimperium that was publicized in July and disclosed at a BlackHat conference this past August. Our researchers discovered the AudioEffect vulnerability that works to take advantage of an Android feature that fails to check buffer sizes in some client-supplied media player apps.
Sex sells, and nowhere is that more true than the Chinese mobile landscape. Porn-themed malware has been hitting Android users in China, Japan, and Taiwan in recent weeks. These malicious apps are distributed via SEO-optimized fake websites, with keywords targeting hot scandals and affairs used.
The gap between young men and women who would consider a career in the field of cybersecurity is widening, according to a survey of almost 4,000 people aged 18-26 from 12 countries. Key findings from the study are quite alarming when one considers the importance of cybersecurity in our increasingly digital world, and that gender equality is a major contributor towards the success of modern societies.
A new study from CompTIA found that even IT employees with the know-how to protect themselves against cyberattacks still exhibit the sloppy behaviors that often compromise sensitive corporate data. American employees exhibit poor habits when it comes to protecting both their personal information and their employer’s information, due in part to lack of training, awareness or understanding of the implications.
Organizations in the Asia-Pacific region were forecast to spend $230 billion to deal with cybersecurity breaches in 2014 — the highest amount for any region in the world. Analyst firm Frost & Sullivan forecasted the cybersecurity market in Australia and New Zealand to reach revenues of more than $1.6 billion (USD) by 2019. India, however, has the world’s second largest population, and a very small cybersecurity economy.
Senators on Tuesday are scheduled to consider multiple proposed changes to the measure before a final vote, which Senator Mitch McConnell of Kentucky could try to force as early as Tuesday evening. Backers of the legislation say it could help secure the nation’s digital infrastructure by allowing private companies to share information about threats and attacks with the federal government, to help companies better protect themselves.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.