Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
As cities continue to grow smarter, they will also become easier to hack. With millions (if not billions) of dollars going into research for urban domains and the Internet of Things (IoT), there will be more opportunities to utilize technology to define, access and improve smart city services and infrastructure.
Convenience, efficacy, and stealth are the likeliest reasons why cybercriminals are increasingly abusing legitimate tools or services already in the system to deliver their malware. Leveraging them allows these threats to blend in with normal network traffic or IT/system administration tasks, for instance.
The goal of our research was to look into the modus operandi of attackers in the Dark Web. In particular, we were interested in learning whether criminals tend to deliberately target and compromise systems run by other criminal organizations or individuals.
Hackers can penetrate the corporate IT network of a manufacturing company, then gain access to a robot’s controller software and, by exploiting a vulnerability remotely, download a tampered configuration file.
For most security researchers, Yara, a tool that allows them to create their own set of rules for malware tracking, is an invaluable resource that helps automate many processes. However, despite Yara’s reliability, it shouldn’t be the only tool used to monitor new versions of malware.
More than 36 million Android devices may have been infected with ad-click malware dubbed Judy. The malware was found on about 50 apps in Google’s Play Store. The apps’ code sends infected devices to a target webpage, where they generate fraudulent clicks on the site’s adverts to make money for its creators.
Shortly after Chipotle reported a breach on April 25 that affected more than 2,000 restaurant locations and an undisclosed number of individuals across 47 states, an investigation concluded the point-of-sale (POS) malware attack lasted from March 24 to April 18.
A group of cybersecurity researchers launched a crowdfunding effort to raise $25,000 on Wednesday, which is being demanded by the Shadow Brokers, a hacker group. It raised $3,906.62 in 36 hours before the campaign was canceled.
Online gambling operators have started to realize the threats posed by cyber criminals and increased the security of their gaming environment. The Internet is such a perilous place that nothing can be left to chance, but the payment method is the most important.
Malware is somewhat of an anomaly on Macs. For years, Apple users reveled in the knowledge that their OS of choice was impervious to viral infection. Apple even highlighted this lack of threat as a selling point in commercials and marketing for earlier versions of OS X.
No industry or sector is immune to hacking. That reality was made painfully clear in mid-May, when a cyberattacker using WannaCry ransomware crippled health care institutions and many other kinds of organizations around the world.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.