Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Pawn Storm made headlines again after security researchers shed light on its latest cyberespionage campaign. The group’s latest spear phishing campaign involves the use of a malware-ridden Word document that uses the recent incident in New York last October 31 as a social engineering hook.
Researchers observed new activity from ChessMaster, with notable evolutions in terms of new tools and tactics. From what we’ve seen, ChessMaster is continuously evolving, using open source tools and ones they developed, likely as a way to anonymize their operations.
UFC’s Fight Pass pay-per-view site is the latest high profile victim hit with the silent Monero crypto-currency miner developed by Coinhive. The site joins the ranks of Pirate Bay, CBS’s Showtime and other sites where the silent miners have used to steal the CPU computing power.
Researchers uncovered new Android malware that can surreptitiously install other malware on the affected device via the Toast Overlay attack: TOASTAMIGO, detected by Trend Micro as ANDROIDOS_TOASTAMIGO.
Millions of dollars’ worth of ether, the digital token of the ethereum blockchain, could be frozen on a cryptocurrency wallet because one individual “accidentally” triggered a bug. The company said that one person “suicided” the wallet, deleting its code and freezing all ether tokens contained within.
REDBALDKNIGHT, also known as BRONZE BUTLER and Tick, is a cyberespionage group known to target Japanese organizations such as government agencies (including defense) as well as those in biotechnology, electronics manufacturing and industrial chemistry.
Regulatory bodies have been asked to provide greater clarity on part of the EU GDPR, after a new survey highlighted confusion among global organizations on what constitutes “state of the art” security. It also uncovered a lack of preparedness in supporting the key “right to be forgotten” strand of the GDPR.
If you recently downloaded the Android version of WhatsApp from the Google Play marketplace, you might want to be sure it’s the real thing. Last Friday, Reddit users discovered that a fake WhatsApp program had been downloaded more than 1 million times before Google took it down.
The GIBON Ransomware variant was reportedly seen for sale in a dark web criminal forum with a $500 price tag. The Russian advertisement said GIBON has the ability to use recursive encryption, leave README.txt files in messages to the users, encryption keys sent to an admin pane and more.
Americans are more worried about cybercrime than conventional crime according to a new Gallup poll. The research found that 67 percent of U.S. adults frequently or occasionally worry about having their personal, credit card or financial information stolen by computer hackers.
One of Trend Micro’s newest members of the TippingPoint TPS family has just received a glowing review from NSS Labs. The 8400TX had an overall security effectiveness rating of 99.6% and an above average total cost of ownership (TCO), earning it the prestigious “Recommended” rating yet again.
The integration of Trend Micro Deep Security with NSX extends Trend Micro’s security services platform including anti-malware, firewall, intrusion detection/prevention (IDS/IPS), web application protection, and integrity monitoring to the software-defined data center.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.