April 12, 2017
Noah Powers, Delta-risk.net, April 6, 2017
Insider threats continue to be a concern for organizations. New research conducted by Crowd Research Partners, in coordination with the LinkedIn Information Security Group, reveals that 74 percent of organizations feel vulnerable to insider threats, while 54 percent of security professionals say insider threats are more common overall.
Saheli Rouh Choudhury, Cnbc.com, April 9, 2017
As governments create smarter cities, they need cybersecurity measures built from the ground up — or they risk costly data breaches which could compromise the privacy of their citizens. In 2016 alone, cyber-crime cost the global economy more than $450 billion and over two billion personal records were stolen, according to the chief executive of specialist insurer Hiscox.
Joseph Cox, Motherboard.vice.com, April 7, 2017
Do you want to play a game? That’s the question posed by a novel piece of ransomware that challenges victims to achieve a high score in a video game instead of demanding cash to unlock files. Yeah. “Minamitsu ‘The Captain’ Murasa encrypted your precious data like documents, music [sic], pictures, and some kinda project files,” a pop-up from the malware, called Resenware, reads.
Steve Ragan, CSOonline.com, April 5, 2017
Scottrade Bank, a subsidiary of Scottrade Financial Services, Inc., recently secured a MSSQL database containing sensitive information on at least 20,000 customers that was inadvertently left exposed to the public. The database was discovered by MacKeeper researcher Chris Vickery on March 31, when he was searching for random phrases on the domain s3.amazonaws.com.
Tom Spring, Threatpost.com, April 7, 2017
Security information and event management (SIEM) solutions are supposed to boost security, but researchers say the network analysis tools are ripe attack targets. The warning comes from security expert John Grigg, lead cyber strategist with Meta Studios. In a talk at the Infiltrate Conference, he concluded, after a review of deployments, that many top SIEM vendor solutions are insecure.
Dark Reading Staff, Darkreading.com, April 6, 2017
A research on data breaches at hospitals has revealed that those with major teaching facilities and more beds were at greater breach risk, says a Johns Hopkins University report. Conducted by Ge Bai of John Hopkins Carey Business School, the study examined federal Department of Health and Human Services’ data breach statistics of health facilities between 2009 and 2016.
Catalin Cimpanu, Bleepingcomputer.com, April 6, 2017
A new malware strain called BrickerBot is bricking Internet of Things (IoT) devices around the world by corrupting their storage capability and reconfiguring kernel parameters. Detected via honeypot servers maintained by cyber-security firm Radware, the first attacks started on March 20 and continued ever since, targeting only Linux BusyBox-based IoT devices.
Elizabeth Snell, Healthitsecurity.com, April 5, 2017
Promoting a cyber and science, technology, engineering and mathematics (STEM) education, as well as creating cybersecurity scholarships are two key ways federal cybersecurity workforce challenges can be addressed, according to a recent Government Accountability Office (GAO) report. Cybersecurity skills gaps, being able to recruit and retain qualified staff, and the federal hiring process itself are top challenges for agencies working to ensure they have a strong cybersecurity workforce, GAO explained.
Robert Abel, Scmagazine.com, April 10, 2017
Hackers breached the Amazon accounts of several third party vendors using stolen credentials obtained through the dark web to post fake deals and steal cash. The threat actors have reportedly changed the bank deposit information on the compromised accounts to steal tens of thousands of dollars from the users, several sellers and advertisers have said.