Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
‘GODLESS’ Mobile Malware Uses Multiple Exploits to Root Devices
We came across a family of mobile malware called Godless (detected as ANDROIDOS_GODLESS.HRX) that has a set of rooting exploits in its pockets. By having multiple exploits to use, Godless can target virtually any Android device running on Android 5.1 (Lollipop) or earlier. As of this writing, almost 90% of Android devices run on affected versions.
JScript-toting Ransomware Steals Your Passwords and Bitcoin Wallets
In an effort to develop a target base and increase the conversion rate of victims, ransomware perpetrators will try to veer away from well-known families and create new families sporting seemingly new techniques—with varying degrees of practicality.
The Exploit Kit Landscape is Shifting and There’s New Crytpo-Ransomware Activity
Early this year, we reported that in 2015, Angler came out as the top exploit kit, having contributed 59.5% in the total exploit kit activity for the year. Now, there’s barely any pulse left. After the arrest of 50 people accused of using malware to steal US$25 million, it is interesting to note that Angler basically stopped functioning.
Banking Trojans as a Service Is Making Theft Easy in Brazil
As a known banking Trojan center, it’s not surprising when Brazil’s cybercriminals launch what could be considered “banking Trojans as a service.” In this particular case, a skilled cybercriminal started offering a fully functional banking Trojan and its associated infrastructure for rent, to be used by less-skilled crooks.
The U.S. and Israel Signed a Cybersecurity Intelligence-Sharing Agreement
Israel signed an agreement on Tuesday to join an American initiative that helps countries and major companies share cyber defense and intelligence information automatically. Representatives from the U.S. Department of Homeland Security, who were in Israel for Tel Aviv University’s annual International Cybersecurity Conference, signed the agreement together with Israeli government officials.
There Are 5 Things Multinational Businesses Need To Know About Cybersecurity Regulation
Cyber incidents have been increasingly on the rise. In a 2016 PwC survey of businesses worldwide, 86 percent of respondents reported exploits of operational, embedded and consumer systems. Hacking and other cyber incidents are also shown to be growing now by nearly 40 percent every year.
Cybersecurity Experts Say China-Based Hacking Incidents Have Dipped
Chinese hacking of corporate and government networks in the U.S. and other countries appears to be declining, according to computer-security experts at companies hired to investigate these breaches. The drop-off is stark and may date back two years.
Bills To Foster Cybersecurity and Homeland Security Relationship Passed the House
Two bills from Rep. John Ratcliffe (R-Texas) to foster relationships between Homeland Security and cybersecurity researchers passed the House on Tuesday night. “Across this country there are innovators who are finding the answers, and we need to listen to them.” Majority Leader Kevin McCarthy (R-Calif.) said on the floor.
Your Staff’s LinkedIn Habits Are Exposing You To Cybersecurity Threats
A survey of 2,000 people discovered that almost a quarter (24 percent) of Brits had connected with somebody they did not know personally on LinkedIn, which could not only open them up to targeted cyberattacks, as criminals use personal information to tailor their approach, but also the companies they work for.
The Developers Behind Ethereum Are Hacking the Hacker That Hacked It
Hacking is a two-way street. The core developers behind Ethereum, which supports a cryptocurrency similar to bitcoin, launched an assault on an anonymous hacker that stole at least $89 million through its network. Alex Van Der Sande, lead designer for Ethereum, announced the counterattack on Twitter earlier today.
AV-Test Awards Trend Micro Internet Security 10 a Top Product Certificate Again
For the second time in 2016, AV-Test Institute has awarded Trend Micro™ Internet Security 10 a Top Product Certificate among a field of 22 products tested. Highlights of the report show Trend Micro Security provided 100% protection against malicious web and email threats in a variety of scenarios without negatively effecting performance and usability.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.
