Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Hackers Leak Personal Information of 30,000 FBI and DHS Employees
After several threats to publish breached information, hackers took to social media to boast about a data dump that exposed details of 20,000 Federal Bureau of Investigation employees. This was a follow-up by the group who posted the information of almost 10,000 Department of Homeland Security employees.
First Known Cyberattack of Power Grid Has Been Confirmed
There were three attacks, thirty minutes apart against three electrical substations serving Ukraine’s power grid. Marty W. Edwards, Director, DHS Cyber Emergency Response Team said, “One of the large breakers or several of the large breakers were operated remotely by the attacker.”
The Olympics Brought Olympic-Themed Cyberattacks
Global sporting events like the Olympics are a favorite for cybercriminals. If you’re a cybercriminal looking for something you can use in spam, phishing or malicious social media campaigns, you can’t get much better than the Olympics.
FBI Finally Hacks iPhone, Ending Court Battle with Apple
Apple’s battle with the FBI is over — at least for now. The U.S. Department of Justice said that investigators were able to use a new technique to hack into an iPhone that was used by San Bernardino gunman Syed Farook. As a result, the government “no longer requires the assistance from Apple.”
Ransomware Is Hitting Dozens of Healthcare Organizations
“Ransomware is a growing trend in the criminal underground because it is so profitable,” Mark Nunnikoven told iDigitalTimes. “When your job is on the line and critical data at stake, it’s tempting to pay the ransom, but this only makes you a bigger target.”
Cyberattack Crashed Netflix, PayPal, Twitter and More
Hackers unleashed a complex attack on the internet through common devices like webcams and digital recorders and cut access to some of the world’s best known websites on Friday, a stunning breach of global internet stability.
Mining Companies Are under Attack
Cyber espionage campaigns against the mining industry are largely geared towards ensuring interest groups have access to the latest technical knowledge and intelligence so they can maintain competitive advantage and thrive in the global commodities market.
Self-Promoting App in Google Play Cashes in on Pokémon Go
Scammers and cybercriminals are quick to cash in on the massive popularity of the location-based, augmented reality mobile game Pokémon Go, creating malicious versions of the game and related help apps that lock screens and deliver scareware and adware, even a remote access trojan.
KrebsOnSecurity Was Hit with Record DDoS
On Tuesday evening, KrebsOnSecurity.com was the target of an extremely large and unusual distributed denial-of-service (DDoS) attack designed to knock the site offline. The attack failed thanks to the hard work of the engineers at Akamai, the company that protects the site from such digital sieges.
Changing Your Yahoo Password Isn’t Enough
With the recent announcement of more than 500 million accounts impacted by a security breach, many Yahoo users have been changing their passwords. After all, that’s the official guidance. However, as ZDI’s Simon Zuckerbraun points out, a new password isn’t enough.
Trend Micro’s Latest Legal Victory Is a Win for the Real Innovators
Like most companies that invest millions of dollars in research and development, we rely on our intellectual property (IP) rights. Unfortunately, for every real legitimate product company that brings a patent suit, there are many more suits brought by patent speculator entities.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.
