Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Like a game of cat and mouse, the perpetrators behind the Locky ransomware had updated their arsenal yet again with a new tactic—using Windows Scripting File (WSF) for the arrival method. WSF is a file that allows the combination of multiple scripting languages within a single file.
Many sophisticated malware families use a Domain Generating Algorithm (DGA). These algorithms provide dynamic predictable domains to the bot herder. As these domains are short-lived, blacklists will be not effective. Often they are quite numerous, with upwards of tens of thousands of domains generated per day by a single malware family.
Valley Anesthesiology and Pain Consultants, a large practice with more than 300 providers serving multiple hospitals across the greater Phoenix region, has suffered a cyber attack affecting 882,590 patients. The incident also affects all current and former employees and providers, the number of which was not disclosed.
It was the first known cyberattack of its kind. They were three attacks, thirty minutes apart against three electrical substations serving Ukraine’s power grid. Marty W. Edwards, Director, DHS Cyber Emergency Response Team said, “What happened is one of these large breakers or several of these large breakers were operated remotely by the attacker.”
Australia’s first attempt to conduct a census online resumed Thursday almost two days after it shut down due to what an angry prime minister described as system failures that left it vulnerable to a cyberattack. Prime Minister Malcolm Turnbull blamed failures of the Australian Bureau of Statics and systems provider IBM after the 470 million Australian dollar national survey was taken offline on Tuesday.
House Minority Leader Nancy Pelosi said Saturday that she has been bombarded with “obscene and sick calls, voice mails and text messages” after her personal contact information was posted online Friday night in the wake of the cyber attack against top Democratic campaign committees. Pelosi, D-Calif., warned her Democratic colleagues in Congress to quickly change their numbers.
On Wednesday, the federal government launched a public forum that will invite members of the Canadian public to share their views on Canada’s cyber security landscape. This call for public consultation will be open until October 15th, 2016.
A Pakistani hacker has been awarded $5,000 by Google and Firefox for exposing a flaw in their web browsers. The bug discovered by Rafay Baloch could allow attackers to use the address bar and divert users to malicious websites possibly tricking them into revealing sensitive information.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.