Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
BLACKGEAR is an espionage campaign which has targeted users in Taiwan for many years. Multiple papers and talks have been released covering this campaign, which used the ELIRKS backdoor when it was first discovered in 2012.
Hackers unleashed a complex attack on the internet through common devices like webcams and digital recorders and cut access to some of the world’s best known websites on Friday, a stunning breach of global internet stability.
Adobe has released an out-of-bound patch for Flash Player due to a zero-day vulnerability. According to Adobe’s bulletin (APSB16-36), versions of Flash from 126.96.36.199 and earlier (released on October 11) are affected.
A Chinese manufacturer of internet-connected surveillance cameras has recalled a number of its products said to have been used in last Friday’s cyberattack. The three-wave attack lasted almost all day, leaving millions on the U.S. east coast unable to access dozens of high-profile websites.
The 2016 edition of Mobile Pwn2Own has wrapped, and the contestants demonstrated some unique attacks against the iPhone 6S and Nexus 6P. With multiple successful exploits, Tencent Keen Security Lab Team claimed the title of Master of Pwn with 45 points and $215,000 total awarded.
Our researchers analyzed the use of pager communications in industrial environments. This report will look at how and why these environments still utilize pagers and the potential security concerns due to this unencrypted channel.
Last week’s massive distributed denial-of-service (DDoS) attack on the DNS provider Dyn should serve as a wake-up call: the Internet of Things ecosystem is broken. Poorly supported and insecure devices brought an important part of the Internet’s infrastructure offline and took many high-profile sites with it.
A massive cyberattack Friday on a key internet routing company knocked offline major websites like Spotify, Twitter and The New York Times, as WikiLeaks supporters claimed credit. But security researchers were quick to cast doubt on their boasts.
The explosive growth of alternative payment systems (APS) globally has posed great opportunities for businesses and consumers alike but equally has posed significant challenges for international law enforcement and regulators.
Automakers should make shielding the electronic and computer systems of vehicles from hackers a priority, developing layers of protection that can secure a vehicle throughout its life, U.S. regulators said on Monday.
The “name and shame” trend has become popular in cybersecurity: even FBI officials suggest using it. A couple of weeks ago, the UK National Cyber Security Centre (NCSC) announced that it will name and shame departments failing to secure their emails (properly implement DMARC).
In the first half of 2016 alone, there has been a 172 percent rise in the number of new ransomware families. Here at Trend Micro, we have blocked an overwhelming amount of these ransomware attacks – more than 100 million.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.