Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
ISIS Hacking Group Threatens Global Cyberattack Starting with the US
A pro-ISIS hacking group has threatened a massive cyberattack on governments and armies around the world starting with ‘the cursed Unites States’. Electronic Ghosts of the Caliphate declared in an ominous video to its enemies: ‘We are the hackers of ISIS. We will face you in a massive cyber war.’
Security researcher Sabri Haddouche recently reported a collection of critical bugs in major email clients. Exploiting these vulnerabilities could allow an attacker to spoof virtually any email address and bypass detection. Dubbed Mailsploit, this group of vulnerabilities affects over 30 different mail clients.
Trend Micro’s annual predictions report outlines eight ways the threat landscape is expected to evolve in 2018. While the predictions touch on a wide range of issues – from IoT to cyberpropaganda – the underlying theme is this, 2018’s biggest attacks will stem from known vulnerabilities.
The vulnerability presented by researchers from Positive Technologies at Black Hat Europe Dec. 6 detail a nightmare scenario. The CPU flaw allows malware to reside on nearly any recent Intel-based computer manufactured since at least 2015 so that it’s completely undetectable.
Mobile devices are amazing tools that can enrich your life in many ways. Need to solve a problem…? There’s probably an app for that. As these devices mature, and as we weave them into our daily lives more, there is a cost tradeoff that you should be mindful of: “privacy vs convenience.”
The banking trojan known as DOWNAD (Detected by Trend Micro as DOWNAD family) first appeared back in 2008, where it managed to be one of the most destructive malware at the time, infecting up to 9 million computers and gaining worldwide notoriety.
At Black Hat Europe on Thursday, security professionals revealed research into how cybersecurity products on the market can be circumvented by exploiting how they scan for malware and interact with memory processes.
A major botnet, created by the Andromeda malware family, also known as Gamarue, which incorporated millions of PCs and is associated with over 80 different malware families, has been taken down in an international cyber-operation.
Just a few days ago, the notorious Internet of Things (IoT) botnet known as Mirai (detected by Trend Micro as ELF_MIRAI family) was detected as being active in a new campaign targeting Argentina, when red flags were raised after an increase in traffic on ports 2323 and 23.
The shift from desktop ransomware to mobile ransomware is only natural for cybercriminals. According to data gathered from Trend Micro’s Mobile App Reputational Service (MARS), an increasing amount of unique mobile ransomware samples have been seen this year.
UK banks have been accused by their regulator of hiding the full extent of cyberattacks. The number of “material attacks” reported to the regulator has risen from just five in 2014 to 49 so far this year, a pro-rata 67% increase. Ransomware in particular is on the up, comprising nearly 17% of those reports.
For 15 consecutive years, Trend Micro has received the Best Global Taiwan Brands and named as second most valuable this year. The award is organized by the Industrial Development Bureau of Taiwan’s Ministry of Economic Affairs and Intrabrand, a global consultancy.
The challenge with security bugs is that they are many times not perceived as quality issues, since from the developer or tester point of view, the software is working. Defending against software attacks requires developers to think about how the software can be abused.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.