Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
On their own, a multicomponent backdoor and a point-of-sale (PoS) malware can pose great threats to enterprises and small and medium-sized businesses (SMBs). As a tandem, these two can lead to stealthier and more flexible attacks. But add another PoS malware to the mix, and you’ve got even bigger trouble.
The second Tuesday of the month has arrived which means the arrival of regularly scheduled patches from Microsoft and other vendors. This month’s release includes sixteen bulletins from Microsoft, as well as an update from Adobe for their PDF-related application. A separate update for Flash Player will arrive later this week.
A scammer syndicate has been caught impersonating the services of cyber-security companies and charging high fees for doing very little. Malwarebytes has uncovered its doppelganger. Or at least, that’s what the doppelganger would have you believe. Researchers from the California-based cyber-security firm discovered a site masquerading as its own.
There’s been a recent development in the threat environment around the Remote Root Vulnerability in HID Door Controllers that we wanted to alert customers to. If exploited, the vulnerability could allow an attacker to take complete control of the system. In practical terms, this means that an attacker who is able to get network packets to the door controller system could effectively defeat the system and unlock doors among other things.
Trend Micro is a long-time supporter of VirusTotal. We support VirusTotal because we believe that keeping people around the world safe on the Internet requires partnerships. This includes public and private partnerships, like those we and others have with law enforcement that result in the arrest of cybercriminals, like the recent sentencing of Aleksandr Panin, the creator of SpyEye.
You may have heard about the Panama Papers—documents from a Panamanian law firm that revealed politicians, businessmen, and prominent individuals from countries all over the world were using offshore companies to cut their tax bills. It occurred to us to ask: Do cybercriminals avail of these services? Our research revealed that ads for offshore banking can also be found in underground forums.
HACKING group Anonymous claims, they have taken down central banks in Germany, Greece and Cyprus as they carry out a 30-day worldwide cyberattack. The activist hacking group, who have joined forces with fellow hackers Ghost Squad Attackers, are targeting bank websites across the world. In a coordinated strike called Operation Icarus the hackers took the Bank of Greece offline for a few minutes.
Two senators want a firm definition of what constitutes an act of war in cyberspace. A bill introduced by Sens. Angus King (I-Maine) and Mike Rounds (R-S.D.) would require the administration to develop a policy to determine when a cyberattack rises to the level of warfare.
Specialized cybersecurity skills around cloud computing represent the biggest gap. According to ESG research, 46 percent of organizations say they have a “problematic shortage” of cybersecurity skills in 2016. By comparison, 28 percent of organizations claimed to have a “problematic shortage” of cybersecurity skills in 2015. That means we’ve seen an 18 percent year-over-year increase.
Cybersecurity experts told newsnet5.com that Donald Trump, his supporters, local businesses and Cleveland residents are all possible targets for cyber hacking during the city’s Republican National Convention this summer. Dave Kennedy, Founder of TrustedSec , an information security consulting company based in Strongsville, said “hacktavist” groups like Anonymous have already targeted the RNC’s presumed nominee Donald Trump.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.