Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Trend Micro Reviews 2016 Vulnerabilities
In our 2016 security roundup report, A Record Year for Enterprise Threats, we talked about the vulnerability landscape during the year and what trends we saw. Trend Micro’s Zero Day Initiative (ZDI) discovered and responsibly disclosed 678 vulnerabilities in 2016.
Third-Party App Stores Delivered via the iOS App Store
It is unclear exactly who the target of this malicious app is. The account book app is designed with Japanese characters, but the app store itself is written in Mandarin Chinese. In addition, it was found in the App Store of multiple countries.
Watch out for Tax-Themed Phishing and Malware Scams
The US tax season, now in full steam ahead of the April 18 filing deadline, is a prime time for cybercriminals to steal financial information and personal data. When people are concerned about finances, it’s an opportunity for hackers to carry out phishing attacks or distribute malware and ransomware.
‘DoubleAgent’ Attack Turns Antivirus into Malware
Researchers have discovered a well-intentioned debugging tool found in many versions of Microsoft Windows can be used maliciously to gain access to vulnerable antivirus programs, and weaponize them. “DoubleAgent attack” takes advantage of the Microsoft Application Verifier.
Hackers Are Attempting to Extort Apple
Hackers are attempting to extort Apple into paying $100,000 for the “recovery” of millions of iCloud accounts. The hackers have set an April 7th deadline for Apple to pay up. If Apple doesn’t, the criminals are threatening to reset the accounts and wipe devices connected to them.
Hackers Hit ABC and Good Morning America Twitter Accounts
The Twitter accounts of “Good Morning America,” ABC News, and GMA Pop News were hacked early Thursday. A series of profanity-laden posts appeared on the accounts. The identity of the hackers was not known, though one suggested to ABC News that it should secure its account.
Paying for Ransomware Could Cost You More Than Just the Ransom
Ransomware attacks are now incredibly sophisticated and occurring with increasing frequency. In fact, many called 2016 “the year of ransomware,” and for good reason: Trend Micro found there were 752 percent more new ransomware families discovered compared to 2015.
Protect Yourself and Your Organization from Modern Cyberattacks
Sometimes, your data protection tools may actually be providing a false sense of security. A Venafi survey of 500 CIOs found that they were wasting millions of dollars on cybersecurity solutions that couldn’t differentiate between malicious and authorized keys and certificates.
The S in HTTPS Plays a Big Role in User Safety
If you’ve ever bought anything online, checked your bank accounts through the app, or logged on to your favorite social media network, you’ve used a technology called SSL/TLS. The S in HTTPS. SSL/TLS is the technology used to encrypt the communication between your browser and the site you’re visiting.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.
