Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a cyberespionage campaign targeting Middle Eastern countries and a botnet malware that infiltrates containers via exposed Docker APIs.
The latest FBI Internet Crime Complaint Center (IC3) report paints an accurate picture of the scale of online threats and shows that consumers need to take urgent steps to protect their most sensitive identity and financial data from online attackers.
Trend Micro uncovered a cyberespionage campaign targeting Middle Eastern countries and named it “Bouncing Golf” based on the malware’s code in the package named “golf.”
Trend Micro announced it has blocked 5 million attempted cyberattacks against IP cameras in just five months. Through its strategic partnership with VIVOTEK, Trend Micro’s IoT security solutions are embedded in globally deployed IP cameras to provide superior protection.
Trend Micro details an attack type where an API misconfiguration in the open-source version of the popular DevOps tool Docker Engine-Community allows attackers to infiltrate containers and run a variant of the Linux botnet malware AESDDoS.
A ransomware attack in May prevented the Baltimore City and County governments from mailing the annual water and sewage tax bills to its residents due to unverifiable accounts of abnormally low or no water consumption in 2018.
Hackers have targeted the gaming industry by carrying out 12 billion credential stuffing attacks against gaming websites in 17 months, according to a new report by internet delivery and cloud services company Akamai.
A Netflix researcher uncovered four critical vulnerabilities within the TCP implementations on Linux and FreeBSD kernels that are related to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities.
Oracle published an out-of-band security alert advisory on CVE-2019-2729, a zero-day deserialization vulnerability that could allow remote attackers to execute arbitrary code on targeted servers.
The hacking group, Xenotime, behind intrusions targeting facilities in oil and gas industries has started probing industrial control systems (ICSs) of power grids in the U.S. and the Asia-Pacific region, researchers reported.
US medical bill and debt collector American Medical Collection Agency (AMCA) has filed for bankruptcy protection in the aftermath of a disastrous data breach that resulted in the theft of information from clients including Quest Diagnostics, LabCorp, BioReference Laboratories and more.
Trend Micro observed a new cryptocurrency mining botnet that arrives via open ADB (Android Debug Bridge) ports and can spread from an infected host to any system that has had a previous SSH connection with the host.
Multiple groups are launching attacks against exposed Exim mail servers, trying to exploit a vulnerability that could give them permanent root access.
Riviera Beach is paying $600,000 in Bitcoins to a hacker who took over local government computers after an employee clicked on a malicious email link three weeks ago.
Are you up-to-date on the best ways to lower the risk of hackers accessing your personal data? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.