Week in review: NotPetya, Facebook to inspect private messages, new issue of (IN)SECURE

Here’s an overview of some of last week’s most interesting news and articles:

With ransomware, pay up if you want to keep paying
So there you are, staring at a locked computer screen demanding a ransom. Do you pay? There are powerful reasons not to.

(IN)SECURE Magazine issue 54 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics.

Cybersecurity battleground shifting to Linux and web servers
Despite an overall drop in general malware detection for the quarter, Linux malware made up more than 36 percent of the top threats identified in Q1 2017.

Eternal Blues: A free EternalBlue vulnerability scanner
Eternal Blues, is a free, one-click, easy-to-use EternalBlue vulnerability scanner that can tell users if one of their computers is vulnerable.

NotPetya attacker can’t provide decryption keys, researchers warn
While defenders and security researchers are sifting artefacts that could help prevent new NotPetya ransomware attacks and perhaps point to the identity of the attacker, the victims are trying to recover their systems.

Azure AD Connect vulnerability allows attackers to reset admin passwords
A vulnerability in Azure AD Connect could be exploited by attackers to reset passwords and gain unauthorized access to on-premises AD privileged user accounts, Microsoft warned on Tuesday.

German law enforcement gets new hacking powers
On Thursday, the Bundestag has voted to accept a new amendment that will expand the German police’s hacking powers.

Facebook moderators can inspect private messages of users suspected of terror links
Facebook’s human operators have special clearance to investigate user accounts suspected to belong to users having links to terrorist groups.

DHS to enforce extra security checks instead of airplane carry-on laptop ban
Travelers from all over the world who plan to fly into the US will be subjected to more rigorous security checks before being allowed to board the plane, the Department of Homeland Security has decided.

Making HTTPS phishing sites easier to spot
For years, we taught users that a website’s URL that includes https at its very beginning is a relatively good indicator of whether they can safely input sensitive information into it. Most users would not be able to explain why that is, exactly, but at least some have that recommendation firmly lodged in mind.

What makes a good security analyst: The character traits you need
An analyst’s personal experience and biases can be just as valuable or detrimental to their success in the job. Here are three work traits that make the difference between a good security analyst and a bad one.

The role of web filtering in a modern security architecture
Web filtering has had a somewhat dogged history and has been vastly misunderstood for many years.

The next frontier of cyber governance: Achieving resilience in the wake of NotPetya
Reliance on connected devices and computers, coupled with the lack of government-mandated and incentivized cyber defense for both public and private sectors, poses an intimidating threat to the world’s economy.

The path to protecting health data: 10 steps to get started
The path to protecting information starts with leadership, funding, reorganization, board buy-in and corporate culture. Hospitals and healthcare systems need prevention and treatment technologies, threat detection like email scanning, behavior analytics and remediation strategies.

Google researcher uncovers another RCE in Microsoft Malware Protection Engine
Google Project Zero researcher Tavis Ormandy has unearthed yet another critical remote code execution vulnerability affecting the Microsoft Malware Protection Engine, which powers a number of the company’s antivirus and antispyware software.

Criminalization of DNS for phishing continues to advance
Cybercriminals have been shifting their tactics markedly, by registering more and more domain names, rather using web servers and domains they have hacked into.

Making enterprise content management secure and scalable
Content is one of the most valuable commodities that any business owns. Yet enterprises are clearly challenged by the need to manage large volumes of content in multiple formats – and to do so in a compliant and secure manner.

South Korean banks threatened with DDoS attacks unless they pay $315,000
South Korean banks are being threatened with crippling DDoS attacks unless they pay $315,000 in bitcoin. The attackers threatening them identified themselves as the Armada Collective.

Most businesses will not put off cloud adoption because of security concerns
Businesses are pressing ahead with their digital transformation plans, despite fears of being hit by a cyber attack or data protection regulations.

New infosec products of the week​: June 30, 2017
A rundown of infosec products released last week.

More about

Don't miss