Situation Awareness 06.06.16
Trends
Data breaches continue to increase, according to figures from Beazley
http://www.propertycasualty360.com/2016/03/15/data-breaches-continue-to-increase-according-to-fi
Small Business CFOs Report Fewer Cyber Attacks
http://ww2.cfo.com/cyber-security-technology/2016/03/small-business-cfos-report-fewer-cyber-attacks/
Attacks
Bank robbery in progress: New attacks from Carbanak group target banks in
Middle East and US
* See more at: https://www.proofpoint.com/us/threat-insight/post/carbanak-cybercrime-group-targets-executives-of-financial-organizations-in-middle-east#sthash.bwRKBGx0.dpuf
1-800 FLOWERS warns that hacker may have stolen customers’ personal info
1-800 FLOWERS warns that hacker may have stolen customers’ personal info
The Bank of England Is Under Threat From ‘Advanced, Persistent’ Hackers
http://www.bloomberg.com/news/articles/2016-03-15/bank-of-england-sees-threat-from-hackers
Big-name sites hit by rash of malicious ads spreading crypto ransomware
http://news.hitb.org/content/big-name-sites-hit-rash-malicious-ads-spreading-crypto-ransomware
Crypto-ransomware Spreads via Poisoned Ads on Major Websites
http://www.tripwire.com/state-of-security/security-data-protection/crypto-ransomware-spreads-via-poisoned-ads-on-major-websites/
Millions menaced as ransomware-smuggling ads pollute top websites
http://www.theregister.co.uk/2016/03/15/massive_us_malvertising_campaign/
STEAM STEALER MALWARE ‘BOOMING BUSINESS’ FOR ATTACKERS TARGETING GAMING SERVICE
http://threatpost.com/steam-stealer-malware-booming-business-for-attackers-targeting-gaming-service/116792/
MASSIVE MALVERTISING CAMPAIGN LANDS ON TOP WEBSITES
Malware
TeslaCrypt 3.1? New Ransomware Strain Removes ShadowCopies via WMI
http://www.minerva-labs.com/#!TeslaCrypt-31-New-Ransomware-Strain-Removes-ShadowCopies-via-WMI/c7a5/56e82c410cf221f9af2e229a
Large Angler Malvertising Campaign Hits Top Publishers
https://blog.malwarebytes.org/malvertising-2/2016/03/large-angler-malvertising-campaign-hits-top-publishers/
Vulnerabilities
DROWN Vulnerability Still Unpatched by Most Cloud Services
http://www.securityweek.com/drown-vulnerability-still-unpatched-most-cloud-services
Beware PowerSniff! Malware uses Word macros and PowerShell scripts
https://www.grahamcluley.com/2016/03/beware-powersniff-malware/
VMware vRealizes that vRealize has XSS bugs on Linux
http://www.theregister.co.uk/2016/03/16/vmware_vrealizes_that_vrealize_has_xss_bugs_on_linux/
General
Most breaches at surveyed U.S. organizations small and undetected: report
http://www.canadianunderwriter.ca/news/most-breaches-at-surveyed-u-s-organizations-small-and-undetected-report/1004075465/?&er=NA
Cyber insurance still leaves breach victims out of pocket
http://www.insurancebusinessonline.com.au/news/cyber-insurance-still-leaves-breach-victims-out-of-pocket-213159.aspx
Don’t Blame the Fed: Bangladesh Seen at Fault for Bank Heist
http://www.bloomberg.com/news/articles/2016-03-14/don-t-blame-the-fed-bangladesh-seen-responsible-for-bank-heist
Cybersecurity Taken Too Lightly By U.K. Companies
http://blogs.wsj.com/riskandcompliance/2016/03/14/cybersecurity-taken-too-lightly-by-u-k-companies/
Ransomware Report: Is China Attribution Merely Hype?
http://www.databreachtoday.com/blogs/ransomware-report-china-attribution-merely-hype-p-2085
Threat Intelligence’s Big Data Problem
http://www.darkreading.com/threat-intelligence/threat-intelligences-big-data-problem/d/d-id/1324702
Google adds worldwide HTTPS info to transparency report
http://www.theregister.co.uk/2016/03/16/google_adds_worldwide_https_info_to_transparency_report/
CISO Playbook: Suit-up & Play Offense
http://www.darkreading.com/operations/ciso-playbook-suit-up-and-play-offense-/a/d-id/1324690?_mc=RSS_DR_EDT
GeoPol
Hong Kong and Macau to be integrated with nine mainland provinces: State Council plan
http://www.scmp.com/business/article/1925690/hong-kong-and-macau-be-integrated-nine-mainland-provinces-state-council
UK Snoopers’ Charter crashes through critics into the next level
http://www.theregister.co.uk/2016/03/16/snoopers_charter_goes_to_next_stage/
Related posts