Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, see how cybercriminals have learned to become more creative with malware through spam campaigns. Also, understand why securing energy and water should remain a top priority in the integration of the industrial IoT.
As cybersecurity defenses continue to improve, cybercriminals have learned to become more creative with malware. Trend Micro encountered threats being packaged inside old file types in spam campaigns.
Digital authoritarianism is on the rise, according to a new report from a group that monitors internet freedoms. Freedom House, a pro-democracy think tank, said today that governments are seeking more control over users’ data while also using laws nominally intended to address “fake news” to suppress dissent. It marked the eighth consecutive year that Freedom House found a decline in online freedoms around the world.
The Department of Health and Human Services opened a cybersecurity center designed to support and improve the cyber defense of the U.S. healthcare industry.
According to Trend Micro’s report, there has only been a slight increase in ransomware detection so far in 2018. However, this doesn’t make ransomware any less of a threat to enterprise security.
Trend Micro recently observed cases of abuse of systems running misconfigured Docker Engine-Community with Docker application program interface (API) ports exposed.
To defend against eavesdropping malware, Apple’s T2 security chip will now include a mechanism to cut off a laptop’s microphone at a hardware level whenever the lid is closed.
As vulnerabilities in the systems behind critical infrastructures (CIs) increase, specifically for supervisory control and data acquisition (SCADA) human machine interfaces (HMIs), it’s important to look at what risks these critical sectors face.
This campaign is notable for its use of steganography, which hides malicious code in unexpected mediums (i.e., images) to evade signature-based detection.
Securing energy and water should remain a top priority in the continuing integration of the industrial internet of things in these critical sectors.
International Consolidated Airlines Group SA said 185,000 more British Airways passenger records were potentially stolen in a recent data breach, on top of the 380,000 credit card records previously reported.
Cybercriminals are increasingly using evasion tactics to bypass detection methods, and proactive techniques are needed to discover a malware infection before it leads to a threat.
Trend Micro uncovered an operation of a hacking group, which we’re naming “Outlaw”, involving the use of an IRC bot built with the help of Perl Shellbot.
Trickbot now has a password grabber module that steals access from several applications and browsers, such as Microsoft Outlook, Google Chrome, Internet Explorer, Microsoft Edge, and more.
Researchers from Trend Micro published a report on the ways that human machine interface (HMI) systems, which are found in thousands of utilities worldwide, can be exploited.
The increasing incidence of attacks via Remote Desktop Protocol (RDP) has prompted the FBI to release an alert advising businesses to establish preventive measures.
Do you think it’s important for critical infrastructures to use proactive techniques to secure the energy and water sectors? Why or why not? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.