Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Petya first garnered more recent attention in June 2017 when security researchers and investigators discovered that it was responsible for several large-scale attacks in Ukraine. According to Microsoft, before the end of June, Petya had spread to 65 countries total, impacting more than 12,500 machines.
The Internal Revenue Service (IRS) has issued an urgent warning about a new scheme targeting taxpayers. The scam email uses the emblems of both the IRS and the FBI, and urges recipients to click on a link to download a questionnaire allegedly from the FBI.
There are two ways phishers are evading MicrosoftOffice 365 Security protections: one using “hexidecimal escape characters” to conceal coding and links, and the other by compromising SharePoint files. Researchers suspect that this phishing campaign may be the work of Chinese cybercriminals.
In particular, Abbott’s pacemakers, formerly of St. Jude Medical, have been “recalled” by the US Food and Drug Administration (FDA) on a voluntary basis. An estimated 465,000 pacemakers must be given a firmware update to protect them against a set of critical vulnerabilities.
Business email compromise (BEC) attacks increased by 45 percent in the last three months of 2016. As email is increasingly used for notifications and interpersonal connections in company and consumer settings, it will be essential to evaluate its security capabilities and protect it appropriately.
Second-hand gaming retailer, CeX, confirmed an “online security breach” may have put as many as two million customer accounts at risk. In an email to customers, the company said that personal information – including first names, surnames, addresses, email addresses and phone numbers – was stolen.
The UK hospital group, NHS Lanarkshire, was forced to cancel several patient appointments after a new variant of Bitpaymer ransomware was detected in its IT systems last Friday. The hackers demanded the hospital pay 50 Bitcoins, or about $218,000.
Earlier this year, the State of New York introduced a new set of regulations requiring banks, insurance companies and other financial services to establish and maintain cyber security programs that meet specific standards. The first of four transition periods ended on Monday.
Trend Micro’s Deep Security server security product is now available to customers of VMware Cloud on AWS. This means customers can take advantage of agile cloud infrastructure, while maintaining their familiar VMware tools, skill sets and architecture framework investments.
The future is cloud. At this point in its evolution it’s undeniable. Success in the hybrid cloud starts with these four principles; (1) one process regardless of environment, (2) tools must scale automatically, (3) tools must be programmable, and (4) tools must take smart decisions on your behalf.
The truth is that today, there aren’t many kids on the school campus that don’t have a laptop or mobile device. Just as we’d teach them how to cross the road safely and why they shouldn’t talk to strangers, so we must do the same for their digital lives.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.