Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
The company behind Ashley Madison, a popular online dating service marketed to people trying to cheat on their spouses, said on Monday that the site had been breached. The group behind the attack said they had stolen information on the 37 million members of Ashley Madison and the only way to prevent the data from being released was to shut down the site entirely.
Authorities arrested four people in Israel and Florida and revealed a complex securities fraud scheme tied to the computer hacks of JPMorgan Chase & Co. and other financial institutions. Behind the alleged crimes is a remarkable story of unpredictable alliances in modern cybercrime.
APT – Advanced due to their zero-day attacks, Persistent because the hackers are motivated, and they pose a threat to organizations globally with their advanced skill set. The six stages of the APT cycle include: Intelligence gathering, point of entry, C&C Communication, lateral movement, asset discovery and data exfiltration.
Following news that iOS devices are at risk of spyware related to the Hacking Team, the saga continues into the Android sphere. The RCSAndroid (Remote Control System Android) code can be considered one of the most professionally developed and sophisticated Android malware ever exposed.
The secret, criminal underground of the Internet — the Dark Web — is no longer all that secret, with several vendors offering monitoring services. If you’re in the business of selling malware, botnets, and other illegal goods and services, you’ve got to do some sales and marketing to make it easier for your customers to find you.
Internet Explorer is possibly the most popular target for vulnerabilities around today. In 2014 alone, a total of 243 memory corruption vulnerabilities in Internet Explorer were disclosed and patched. Every Microsoft Patch Tuesday cycle contains one bulletin that covers multiple IE vulnerabilities including many zero-day attacks.
Trend Micro researchers are taking a look into the future of the threat landscape. There are hints and clues as to what is happening in the information security world, but sometimes, “black swans” – unpredictable and groundbreaking events – manage to surprise us.
Want to learn more about the most recent data breaches and latest cyber security topics in the news for this month? Watch our Monthly Threat Webinar.
Please add your thoughts in the comments below or follow me on Twitter; @GavinDonovan.