A lot happens in the security world, some big and some small, and many stories get lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week.
Samsung Smart TV’s, Too Smart?
Recently, it has come to attention that Samsung Smart TV’s and their remotes have the capability to record and transmit any spoken words to a third-party company for use in providing voice recognition functionality. Samsung has updated their EULA in response to the questionable section regarding consumers not talking about sensitive, personal information near the TV, as it will be recorded and sent off for analyzing.
Cybersecurity Insurance Leading to Rise in Ransom Payouts
With ransomware becoming ever more prevalent, cybersecurity insurance has taken on ransom coverage as well, but also leads to more companies merely accepting the ransom and paying it. While nearly a quarter of companies would be willing to pay the ransom, and having cyber insurance raises that amount, the expected payout may still not cover the total cost of the attack; especially the loss of the company’s reputation in the marketplace.
L.A. Hospital Hit With Ransomware
In the last week, the Hollywood Presbyterian Medical Center was the target of a ransomware attack, in which the hospital ended up paying $17,000 in bitcoins to reassume control of their systems. They are still unsure of the origin of the attack, although officials claim no patient data was compromised.
High Cost of Spear Phishing Attacks
Opening an email is now one of the most dangerous tasks many companies face every day. As the prevalence of spear phishing grows, the majority of U.S. companies have been targeted at some point in the last year, with the average cost of $1.6 million in financial damages. While email filtering can be effective, the real problem comes down to the employees who lack sufficient training in spotting these types of attacks
Read More: http://www.infosecurity-magazine.com/news/spear-phishing-incident-average/
Using VoIP Phones Could Prove Risky
Many companies use VoIP phones in their offices, connected to their internal networks, but lacking any security greater than the default settings. Without increasing these settings from their factory-sent state, it can leave a significant gap in protection for unwanted attackers. Unfortunately, many phone companies don’t require any authentication when using the phones, nor do they require consumers to create strong passwords.
Read More: https://www.helpnetsecurity.com/2016/02/16/voip-phones-can-turned-spying-money-making-tools/