Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Nothing in the annals of corporate hacking compares to the portrait U.S. authorities painted Tuesday of a vast, global crime syndicate — a mob for the digital age. As described by federal prosecutors, it was an operation of breathtaking scale, involving more than 100 people in a dozen countries, with illicit proceeds stretching into the hundreds of millions of dollars.
Microsoft has rolled out 12 security updates for the month of November. Out of the 12, 4 are rated critical while the rest are rated as important. All 4 critical bulletins address bugs that could allow remote code execution if the user opens a specially crafted file or webpage.
There is a likely acceleration date which may require you to switch all your SHA-1 certificates to SHA-2 certificates by June 1, 2016, instead of the previous deadline of December 31, 2016. Due to a recent study that states SHA-1 websites are already vulnerable, Microsoft is considering an earlier emergency deprecation date.
In our 2016 annual predictions, the most frightening and sensational prediction is that “at least one consumer-grade smart device failure will be lethal in 2016.” Put simply, we’re saying that smart technology has reached the point where it’s important enough in our lives that a failure, any kind of failure, can lead to a lethal consequence.
Bitdefender on Monday released a free decryption tool designed to wrest data from the grip of a rare type of ransomware that’s been plaguing Linux servers. The ransomware attacks came to light last week, when Dr. Web reported that extortionists have been exploiting vulnerabilities in software running on Linux servers to gain administrative privileges.
Nominating someone to lead the Office of Personnel Management does not typically result in a high-profile showdown. But it might be a different matter with the White House’s announcement on Tuesday that President Obama wants Beth Cobert, currently the acting director, to officially assume the top job. Senate Republicans immediately showed that they intended to make her nomination as much about a serious cybersecurity breach at the agency as about her qualifications.
Technology risks such as cybersecurity are the greatest threats facing financial institutions, according to a survey of industry executives by the Global Risk Institute. As Canadian banks are increasingly focusing on growth from digital channels, almost half of attendees at a conference of the Toronto-based research organization named technology risks as the No. 1 hazard facing the industry.
Even with the frequency and severity of cyberattacks increasing rapidly worldwide, efforts by the world’s third-largest economy to improve its data security are being hobbled by a widespread corporate culture that views security breaches as a loss of face, leading to poor disclosure of incidents or information sharing at critical moments.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.