Week in review: Amazon scammers hijack seller accounts, Shadow Brokers say goodbye

Waterfall Security: Trust issues with your firewalls? Eliminating vulnerabilities that accompany firewalls is a click away.

Here’s an overview of some of last week’s most interesting news and articles:

Employee burnout: The biggest workplace challenge in 2017
A new study by Kronos and Future Workplace found 95 percent of human resource leaders admit employee burnout is sabotaging workforce retention, yet there is no obvious solution on the horizon.

Amazon scammers hijack seller accounts, lure users with good deals
Amazon buyers are being targeted by clever scammers that either set up independent seller accounts or hijack those of already established, well-reputed sellers, then offer pricy items at unbeatable prices.

Shadow Brokers say goodbye, leak a batch of Windows hacking tools
The Shadow Brokers, a group (?) of hackers that has made a big splash in August last year by leaking and offering for sale exploits supposedly stolen from the infamous Equation Group, has decided to call it quits , but not before offering a parting gift.

This year’s top identity technology trends
HID Global forecasts a shift in the use of identity technology that will lead to increased adoption of mobile devices and the latest smart card technology, a greater emphasis and reliance on the cloud, and a radical new way of thinking of trust in smart environments and Internet of Things (IoT).

Mobile forensics firm Cellebrite confirms data breach
Israeli mobile forensics firm Cellebrite has announced that it has suffered a data breach following an unauthorized access to an external web server.

Adobe quietly bundles data-collecting Chrome extension with latest Reader update
Chrome users who have installed the latest Adobe security updates have also been unknowingly saddled with a browser extension (“Adobe Acrobat”) that can collect some of their operating environment data.

Will 2017 be the year of ransomworm?
Although we haven’t seen many wildly successful network worms lately, they’re still a threat. All it takes is for one black hat to find a new zero-day networking software flaw and wide-spread ransomworm becomes a real possibility.

SysAdmin Magazine: Best of 2016
In the last issue of SysAdmin Magazine you’ll find the best articles of 2016. From data security to ransomware and cloud adoption – the hottest topics of this year collected in one edition.

Unsanctioned cloud services present growing problem for organizations
Enterprise cloud service usage continues to rise, and despite the best efforts of IT, unsanctioned cloud service usage remains a problem as half of all users of sanctioned cloud storage services also have a personal instance of the same cloud service.

Brother and sister arrested for spying on Italian politicians for years
Two Italian siblings have been arrested on Monday and stand accused of having spied on Italian politicians, state institutions and law enforcement agencies, businesses and businesspeople, law firms, leaders of Italian masonic lodges, and Vatican officials for years.

The rewards of advanced agile and DevOps adoption
Results from a new CA Technologies global study reveal that advanced users of agile or DevOps realized significant increases of up to 52 percent in customer satisfaction and up to 50 percent in employee productivity.

Featured talks at the upcoming Hack In The Box Security Conference
The 8th annual Hack In The Box Security Conference in Amsterdam will feature brand new 2 and 3-day hands-on technical trainings covering a wide variety of topics from Linux kernel exploitation techniques to advanced malware analysis and more.

CISSP Planning Kit: Your guide to CISSP certification and beyond
Studying for the CISSP exam can seem overwhelming, which is why (ISC)2 developed this quick guide.

The gift that keeps giving away your data
If you unwrapped a shiny, new connected device this holiday season, it’s likely that you’re in the honeymoon stage, reaping many benefits from your new device. However, this story about a smart toy that is popping up on a variety of news sources makes you think twice about what happens after the initial “oohs” and “ahhs” subside.

Addressing the challenges of vulnerability coordination
The FIRST Vulnerability Coordination Special Interest Group (SIG) made available for public comment through January 31, 2017 the draft Guidelines and Practices for Multi-party Vulnerability Coordination.

Information security consulting market to reach $26.15 billion by 2021
The information security consulting market is estimated to grow from $16.12 billion in 2016 to $26.15 billion by 2021.

After a terrible year for cybersecurity, will 2017 be any better?
Will we see another record year of breaches that seem to take us by surprise every time? Possibly, and for one good reason: there is no fool-proof protection against human stupidity – inadvertent or otherwise.

FDA urges patients to implement patch to secure their cardiac implants
Patients who have been implanted with pacemakers and defibrillators manufactured by US-based St. Jude Medical are urged to make sure that their Merlin@home Transmitter unit is plugged in and connected to the Merlin.net network, so that it can receive a critical security patch.

New infosec products of the week​: January 13, 2017
A rundown of infosec products released last week.