Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
A cybercrime ring that employed the Angler Exploit Kit to earn an estimated $34 million per year from ransomware infections alone has been disrupted, comprising about half of all observed Angler-related activity.
Attribution is interesting, but from the point of view of defense, motives matter more. This shapes how threat actors behave once inside your network – and that, in turn, influences how you should set up your own defenses.
A vicious phishing attack is currently running rife in Germany targeting PayPal users, trying to get them to download what on the surface looks like the official PayPal app, but is actually a banking trojan. We identified more than 200 malicious apps that belong to this particular malware family, some with different app labels, and others that aren’t affiliated to banks.
Nuclear energy facilities worldwide are highly vulnerable to cyberattacks as a result of pervasive technical and cultural challenges, including a lack of awareness among leadership about the risks involved, according to a critical report from an international think tank.
The ugly news exploded last week: 15 million applicants for credit at T-Mobile have had their personal information stolen by hackers from a server maintained at Experian, the credit reporting agency. But then the news gets worse: very bad times are ahead for many of those 15 million, due to the nature of the stolen data. And nobody knows exactly how the hack occurred.
According to our report, healthcare organizations accounted for more than a quarter (26%) of all U.S. breaches from 2005 – 2015. That’s significantly more than education (16.8%), government (15.9%) and retail (12.5%), which rounded out the top four most targeted industries. This may be due to HIPAA regulations ensuring healthcare organizations report such incidents, however, anecdotal reports would seem to suggest a deeper problem.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.