Week in review: Yahoo breach, malvertising targeting routers, the economics of ransomware

Here’s an overview of some of last week’s most interesting news and articles:

Malvertising campaign compromises routers instead of computers
The attackers’ current main goal is to change DNS records on the target router, so that it queries the attackers’ rogue DNS servers, and the users are served with ads that will earn the attackers money.

How to create a safer shopping experience
From phishing sites to online card skimming to compromised terminals in stores; even gifts themselves pose security risks.

End the air gapping myth in critical infrastructure security
In an environment where we’re seeing increasing demand for connectivity between operational technology (OT) and IT, security teams have to dispel the air gapping myth to acknowledge that IT influences can exploit OT connections.

More Android-powered devices found with Trojans in their firmware
Both Trojans are capable of contacting their C&C servers, updating themselves, and receiving instructions on which apps to covertly download and run, and they start running each time the device is turned on or restarted.

One billion users affected in newly revealed Yahoo hack
Yahoo has revealed that it’s been the victim of another hack and massive data breach that resulted in the compromise of information of a billion users!

Google publishes eight national security letters
The NSLs, which can be written by FBI agents and do not have to be approved by a court, ask Google to reveal subscriber information (name, address, length of service) and sometimes electronic communications transactional records, but not the content of any electronic communication.

Consumers worry more about cybercrime than physical crime
Despite concern for cybercrime in general among those consumers surveyed, awareness of phishing and ransomware remains relatively low.

Corporate Office 365 users hit with clever phishing attack
The attack comes in the form of fake emails, and the trick makes the user see one URL in the link and anti-phishing filters another, while the actual link leads to a third, phishing URL.

Netgear pushes out beta firmware for vulnerable router models
The vulnerability allows the execution of Linux commands if they are appended to the URL of a page that the victim is tricked into visiting.

Zcash mining software covertly installed on victims’ machines
Software “mining” the recently established Zcash (ZEC) cryptocurrency is being foisted upon unsuspecting users, Kaspersky Lab warns.

The economics of ransomware revealed
70 percent of businesses infected with ransomware have paid ransom to regain access to business data and systems. In comparison, over 50 percent of consumers surveyed said they would not pay to regain access to personal data or devices aside from financial data, according to IBM Security.

Secure websites brought to you by the letter S
Soon, you won’t be able to reach many popular websites without adding an “s” at the end of “http” in the address bar.

Growth rates of cryptographic keys and certificates
58 percent say their organizations used more than 2500 keys and certificates in 2016. One in four organizations used more than 10,000 keys.

New sheriffs in town: No More Ransom
A couple of months ago, Intel Security, Kaspersky Lab, Dutch National Police and Europol announced the No More Ransom initiative. Since the launch a lot has happened.

Joomla vulnerability can be exploited to hijack sites, so patch now!
The newest version of the popular CMS was released on Tuesday (December 13); it fixes three vulnerabilities and several bugs, and includes a number of new security hardening mechanisms.

ENISA says crypto backdoors are a bad idea
History has shown that technology beats legislation, and criminals are best placed to capitalise on this opportunity.

Should security vendors offer product guarantees?
A new Vanson Bourne survey of 500 businesses in the UK, US, France and Germany revealed that nine in ten companies want to see IT security vendors offer a guarantee on their products and services, and 85 per cent claim they would change providers if they could find an alternate IT security vendor who offers a guarantee.

Law enforcement operation targets users of DDoS tools
From 5 to 9 December 2016, Europol and law enforcement authorities from Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom and the United States carried out a coordinated action targeting users of DDoS tools, leading to 34 arrests and 101 suspects interviewed and cautioned.

DDoS attacks via WordPress now come with encryption
Kaspersky Lab experts have noted an emerging trend – a growth in the number of attacks using encryption.

12 tips for implementing secure business practices
Optiv Security shared a list of a dozen tips for implementing secure business practices during the 2016 holiday season.

New minimum code signing requirements for use by all CAs
The Certificate Authority Security Council (CASC), an advocacy group committed to the advancement of web security, announced the Code Signing Working Group has released new Minimum Requirements for Code Signing for use by all Certificate Authorities (CAs).

Waterfall Security: Impact of IIoT on cybersecurity
Ten or twenty years ago, the protection of a critical piece of industrial infrastructure meant building a wall around it – or at least a perimeter fence with razor wire on the top. Admission to the site would be controlled at an entrance gate.

New infosec products of the week: December 16, 2016
A rundown of infosec products released last week.
