• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Current News   »   This Week in Security News

This Week in Security News

  • Posted on:October 6, 2017
  • Posted in:Current News, Security
  • Posted by:
    Jon Clay (Global Threat Communications)
0

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.

Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week.

 

SYSCON Backdoor Uses FTP as a C&C Channel

Bots can use various methods to establish a line of communication between themselves and their C&C server. Usually, these are done via HTTP or other TCP/IP connections. Trend Micro recently encountered a botnet that uses a more unusual method: an FTP server that, in effect, acts as a C&C server. 

HITRUST is taking Healthcare Threat Protection to the Next Level

Taking Healthcare Organizations’ cybersecurity measures to the next level, Trend Micro and HITRUST, long-time partners and advocates for improving baseline security for healthcare, launched the HITRUST CTX Deceptive – a new cyber deception platform designed to detect advanced threats. 

Roboto Condensed Attack Is Now Pushing Crapware

Since late August, a social engineering attack called Roboto Condensed is being added to hacked sites and distributing keyloggers, miners, and downloaders. As of Sunday, this attack has also started adding crapware & adware bundles to the mix to further make their victims miserable. 

Whole Foods Was Hit by Hackers

Whole Foods Market said that hackers were able to gain access to credit card information for customers who made purchases at some of its in-store taprooms and restaurants. The company did not disclose details about the locations that were targeted or how many customers might have been effected. 

Internal Phishing Attacks Are a Growing Concern of Security Professionals

Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with previously installed malware or by compromising the account credentials of the user.  

A Hacker Turned an Amazon Echo into a ‘Wiretap’

On Tuesday, British security researcher Mark Barnes detailed a technique anyone can use to install malware on an Amazon Echo, along with his proof-of-concept code that would silently stream audio from the hacked device to his own faraway server. 

WhatsApp and WinZip Are among the Most Blacklisted Apps in the Enterprise

WhatsApp Messenger, WinZip, and Where’s My Droid Pro have made the list for the most blacklisted iOS and Android apps in enterprise environments. To help tackle enterprise mobile security issues, Trend Micro and VMware announced a new partnership this past July. 

3 Billion Yahoo Accounts Were Affected by the 2013 Attack

It was the biggest known breach of a company’s computer network. And now, it is even bigger. Verizon Communications, which acquired Yahoo this year, said on Tuesday that a previously disclosed attack that had occurred in 2013 affected all three billion of Yahoo’s user accounts. 

Surgery Center Reported a Ransomware Incident that Impacted 128K Patient Records

The Arkansas Oral and Facial Surgery Center posted a notice to patients that its computer network had been impacted by ransomware. Following the incident, the organization said it has implemented a new record system, and has arranged for credit monitoring protection for its patients, for 12 months at no cost. 

US Wins Tug-of-War with Russia over Extradition of 4 of 5 Highly Valued Suspects

The US has won four legal battles with Russian authorities for the extradition of five highly valued suspects, all Russian nationals, for their involvement with various cyber-crime related activities. The four are part of five highly mediatized arrests of Russian cyber-criminals the US has orchestrated in the past twelve months. 

It’s National Cyber Security Awareness Month

The month of October 2017 is again the National Cyber Security Awareness Month (NCSAM) for individuals and organizations. This year’s theme is shared responsibility which is something we’ve been talking a lot about when it comes to public cloud support for many years. 

This Month’s Threat Webinar Is Focusing on the GDPR’s Effect on Organizations

Join this month’s threat webinar as Trend Micro’s Steve Neville, Director, Corporate Marketing and Jon Clay, Director, Global Threat Communications, discuss many aspects of this regulation, including details of what it is, who it affects, how non-EU companies are impacted, and what needs to be done. 

Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.

Related posts:

  1. This Week in Security News
  2. This Week in Security News
  3. This Week in Security News
  4. This Week in Security News

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • New Report: Top Three Ways to Drive Boardroom Engagement around Cybersecurity Strategy
  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.