Week in review: Locky spreading via Facebook, principles for efficient cyber investigations

Here’s an overview of some of last week’s most interesting news, podcasts and articles:

Cobalt hackers executed massive, synchronized ATM heists across Europe, Russia
A criminal group dubbed Cobalt is behind synchronized ATM heists that saw machines across Europe, CIS countries (including Russia), and Malaysia being raided simultaneously, in the span of a few hours.

Over 2.8 million cheap Android smartphones come with preinstalled backdoor
If you’re using a cheap Android smartphone manufactured or sold by BLU, Infinix, Doogee, Leagoo, IKU, Beeline or Xolo, you are likely wide open to Man-in-the-Middle attacks that can result in your device being thoroughly compromised.

Six key principles for efficient cyber investigations
Inundated by alerts, analysts lack the automated and intelligence-driven processes to home in on attacks across the kill chain, and breaches continue far too long. To address this fundamental mismatch, organizations need a new perspective on the way they detect and respond to attacks.

Michigan State University database with 400,000 student and staff records breached
The database in question was taken offline less than 24 hours after it was breached by the attacker, but not quickly enough to prevent him or her from accessing the records of 449 individuals.

Locky hidden in image file hitting Facebook, LinkedIn users
Check Point researchers have apparently discovered how cyber crooks are embedding malware in graphic and image files, and how they are executing the malicious code within these images to infect social media users with Locky ransomware variants.

How security collaboration will prove vital in 2017
Cyber defenders should take a page out of the enemy’s playbook. Crowd intelligence will need to be organized and harnessed as a major tactic to improve security strategies against growing threats.

Unidirectional communications in a bidirectional world
Modern enterprises transmit control system information to business networks continuously, and need to send information from business networks into operations networks occasionally – for example when sending control recipes into batch manufacturing systems or when sending anti-virus signatures and other security updates. Andrew Ginter, VP of Industrial Security at Waterfall Security, explains how you can send information into these sites securely.

DDoS protection quiz-based training course
The DDoS Protection Bootcamp is the first online portal to provide in-depth technical training in the field of DDoS protection.

Internet freedom around the world keeps decreasing
According to the latest Freedom on the Net report, 67 percent of all Internet users now live in countries where online criticism of the government, ruling family or the military is subjected to censorship, and such activity can result in individuals getting arrested.

German Android users bombarded with banking malware masquerading as legitimate apps
Fortinet researcher Kai Lu warns of a fake email app that is capable of stealing login credentials from 15 different mobile banking apps for German banks.

This year’s most hackable holiday gifts
Intel Security announced its second annual McAfee Most Hackable Holiday Gifts list to identify potential security risks associated with hot-ticket items this holiday season.

Hybrid cloud storage use to double in next 12 months
Organisations are looking to hybrid cloud storage to support a variety of workloads.

Telecrypt Decryptor foils ransomware’s simple encryption method
Telecrypt Decryptor works only if the affected user has .NET 4.0 and above (every Windows version since Windows XP has it by default), and if he or she has at least one of the encrypted files in unencrypted form.

Oracle buys Dyn
Oracle today announced that it has signed an agreement to acquire Dyn, a cloud-based Internet Performance and DNS provider that monitors, controls, and optimizes Internet applications and cloud services.

The transformative impact of cloud adoption
Despite the average company using 1,427 cloud services to upload an average of 18.5 TB of data to cloud applications each month, less than 9 percent of cloud providers are taking the strict data security and privacy steps recommended for a modern enterprise, according to Skyhigh Networks. Companies specifically struggle with securing employee behavior, accurately detecting threats and enforcing cloud governance.

New infosec products of the week: November 25, 2016
A rundown of infosec products released last week.
