Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
While most enterprises are becoming more aware of threats like ransomware and DDoS attacks, very few know that they are also at risk of economic espionage, much less of associated tools like espionage-as-a-service offerings that attackers can easily obtain in the Deep Web.
In January of 2016, we found various “SmsSecurity” mobile apps that claimed to be from various banks. These apps supposedly generated one-time passwords (OTPs) that account holders could use to log into the bank; instead they turned out to be malicious apps that stole any password sent via SMS messages.
The most concerning thing revealed so far about the cybercriminal attack on the San Francisco light rail system over the Thanksgiving weekend was that the virus was able to infect so much of the system, said cybersecurity experts.
A new version of HDDCryptor was spotted, and we believe that this variant is the one used in a recent attack against the San Francisco Municipal Transport Agency. In this attack, the ransomware dropped tools to perform full disk encryption, as well as the encryption of mounted SMB drives.
A cybercriminal gang is putting a new, and somewhat confusing, spin on the classic tech support scam using a new strain of ransomware to lock up a victim’s computer and then asking the person to call a Microsoft customer support number for help.
The most recent malware attack campaign for Google account holders is known as Gooligan. Tech analysts say it’s the largest breach of Google accounts to date, with more than a million accounts compromised. The Gooligan hack primarily infects older Android phones.
Cyber criminals appear to be using passwords and email addresses from previous breaches to gain access to 26,000 online UK National Lottery accounts. Camelot detected the scam and subsequent attempted frauds and responded by locking down accounts, triggering compulsory password resets.
Trend Micro is constantly trying to make securing cloud workloads easier. Four years ago, Deep Security as a Service launched to simplify how cloud workloads are secured, and the growth of the service has been phenomenal.
During the holiday season this year, it’s estimated that nearly 49 million Americans will travel 50 miles or more to be with their friends and family. In many ways, the risks are the same whether you have a laptop, mobile or tablet device. If it’s internet connected, it’s exposed to cybercriminals across the globe.
Please add your thoughts in the comments below or follow me on Twitter: @JonLClay.