
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week.
SYSCON Backdoor Uses FTP as a C&C Channel
Bots can use various methods to establish a line of communication between themselves and their C&C server. Usually, these are done via HTTP or other TCP/IP connections. Trend Micro recently encountered a botnet that uses a more unusual method: an FTP server that, in effect, acts as a C&C server.
HITRUST is taking Healthcare Threat Protection to the Next Level
Taking Healthcare Organizations’ cybersecurity measures to the next level, Trend Micro and HITRUST, long-time partners and advocates for improving baseline security for healthcare, launched the HITRUST CTX Deceptive – a new cyber deception platform designed to detect advanced threats.
Roboto Condensed Attack Is Now Pushing Crapware
Since late August, a social engineering attack called Roboto Condensed is being added to hacked sites and distributing keyloggers, miners, and downloaders. As of Sunday, this attack has also started adding crapware & adware bundles to the mix to further make their victims miserable.
Whole Foods Was Hit by Hackers
Whole Foods Market said that hackers were able to gain access to credit card information for customers who made purchases at some of its in-store taprooms and restaurants. The company did not disclose details about the locations that were targeted or how many customers might have been effected.
Internal Phishing Attacks Are a Growing Concern of Security Professionals
Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with previously installed malware or by compromising the account credentials of the user.
A Hacker Turned an Amazon Echo into a ‘Wiretap’
On Tuesday, British security researcher Mark Barnes detailed a technique anyone can use to install malware on an Amazon Echo, along with his proof-of-concept code that would silently stream audio from the hacked device to his own faraway server.
WhatsApp and WinZip Are among the Most Blacklisted Apps in the Enterprise
WhatsApp Messenger, WinZip, and Where’s My Droid Pro have made the list for the most blacklisted iOS and Android apps in enterprise environments. To help tackle enterprise mobile security issues, Trend Micro and VMware announced a new partnership this past July.
3 Billion Yahoo Accounts Were Affected by the 2013 Attack
It was the biggest known breach of a company’s computer network. And now, it is even bigger. Verizon Communications, which acquired Yahoo this year, said on Tuesday that a previously disclosed attack that had occurred in 2013 affected all three billion of Yahoo’s user accounts.
Surgery Center Reported a Ransomware Incident that Impacted 128K Patient Records
The Arkansas Oral and Facial Surgery Center posted a notice to patients that its computer network had been impacted by ransomware. Following the incident, the organization said it has implemented a new record system, and has arranged for credit monitoring protection for its patients, for 12 months at no cost.
US Wins Tug-of-War with Russia over Extradition of 4 of 5 Highly Valued Suspects
The US has won four legal battles with Russian authorities for the extradition of five highly valued suspects, all Russian nationals, for their involvement with various cyber-crime related activities. The four are part of five highly mediatized arrests of Russian cyber-criminals the US has orchestrated in the past twelve months.
It’s National Cyber Security Awareness Month
The month of October 2017 is again the National Cyber Security Awareness Month (NCSAM) for individuals and organizations. This year’s theme is shared responsibility which is something we’ve been talking a lot about when it comes to public cloud support for many years.
This Month’s Threat Webinar Is Focusing on the GDPR’s Effect on Organizations
Join this month’s threat webinar as Trend Micro’s Steve Neville, Director, Corporate Marketing and Jon Clay, Director, Global Threat Communications, discuss many aspects of this regulation, including details of what it is, who it affects, how non-EU companies are impacted, and what needs to be done.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.