Government IT Systems Long Outdated

In a recent study done by the Government Accountability Office, a large portion of the US government’s critical business systems have been found to be requiring an increasing amount for maintaining their basic operation, but also they are a major security risk. From defense systems to scientific research systems, these agencies are constantly working to maintain the aging infrastructure with little to no plans for replacement or any significant overhauls.

http://arstechnica.com/information-technology/2016/05/government-agencies-keep-sacrificing-cash-to-zombie-it-systems-gao-finds/

Microsoft Steps In To Increase Business Security

With the recent news of LinkedIn’s security breach, Microsoft has announced that users of Azure Active Directory will no longer be allowed to use passwords that were found in the LinkedIn breach to be the most common, and therefore vulnerable. By stopping these weak passwords from being used, Microsoft hopes to stop the bad habits that form around password creation, and keep more businesses secure.

http://www.theregister.co.uk/2016/05/25/microsoft_password_policy/

Kansas Hospital Pays Ransomware, Remains Encrypted

In the past week, another hospital was the focus of a ransomware attack that was fortunately mitigated enough to allow continuing operations and maintaining patient data. Although the hospital did pay the ransom initially, not all of their data was restored and a second demand for additional payment was issued. The hospital refused the demand and was able to resume operations quickly as they had a plan in place for a possible cyber attack.

http://www.techspot.com/news/64954-hackers-demand-ransom-payment-kansas-heart-hospital-files.html

Employees Still Number One Security Risk

It comes as no surprise that the majority of security breaches are caused by employee negligence and lack of knowledge on potential security hazards. A study released in the last week shows that half of the nearly 600 companies had experienced some for of security issue due to employee negligence, and of those companies, 60% felt it unnecessary to require additional security training. The study also revealed that most companies provide neither incentive for following correct security procedures nor consequences for the employee found to be at fault for the breach.

https://www.experianplc.com/media/news/2016/dbr-ponemon-institute-managing-insider-risk/

Hong Kong Bitcoin Exchange Hacked

Recently, the Hong Kong firm, Gatecoin was hacked and the attackers made off with nearly $2 million worth of cryptocurrencies. The company is still unsure of how the breach occurred, though Gatecoin has already begun work on improving it’s cyber security to prevent or deter these types of attacks in the future. In addition, the company has also offered a bounty for the return of any bitcoins that were taken.

http://www.forbes.com/sites/robertolsen/2016/05/24/hackers-steal-2-million-from-bitcoin-exchange-in-hong-kong-bounty-offered-to-recover-funds/#3af2641611c7

 

 

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This