by Connor Madsen | Jun 3, 2016 | Industry Intel
There’s a lot that happens in the security world, with many stories getting lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week.
MySpace Hack Could Be Largest in Recent History
Recently, LeakedSource announced that they had obtained the login credentials for over 300 million MySpace users. While the leaked database doesn’t show the full credentials for every user (as some usernames/passwords were missing), over 100 million of the passwords had a username attached. Along with posting the entire dataset, LeakedSource also posted the top 50 passwords being used and their frequency of use.
http://www.itnews.com.au/news/myspace-breach-potentially-the-largest-ever-420184#ixzz4A9aotQr4
Majority of Phishing Emails Contain Ransomware
This week, PhishMe published a report showing that a staggering 93% of all phishing emails contained a dropper for some version of ransomware. This number, which contributes to the overall steady increase in phishing attempts (which have risen nearly 800% since the end of 2015), is likely as high as it is thanks to ransomware becoming increasingly easy to deploy and having a high success rate for extortion. With these numbers always on the rise, it’s important to remain vigilant for any suspicious emails containing attachments, especially ones asking for sensitive information.
http://www.csoonline.com/article/3077434/security/93-of-phishing-emails-are-now-ransomware.html
TeamViewer Possibly Hacked, Main Site Goes Offline
In news that has spread quickly over the past week or so, many users have claimed to have been hacked via TeamViewer, which has led to thousands of dollars of fraudulent charges being attained in only a few hours. According to many of the victims, the attacks took place in the early morning hours, with PayPal transfers to offshore accounts ranging from several hundred to several thousands of dollars. TeamViewer’s response to these claims has been the denial of any security issue. Rather, they’re stating that a DNS issue was at fault for their site and services being offline.
http://www.csoonline.com/article/3078000/security/teamviewer-users-reporting-unauthorized-access-hack-suspected.html
New Ransomware Variant Acts Like Virus
In the past week, a new form of ransomware, which behaves like a traditional computer virus by copying itself to new drive or network locations to continue propagating itself, was discovered. The variant, ZCrypt, comes through like typical ransomware via an email attachment from a seemingly harmless sender. It then requests downloading a zip file, which launches an executable of the same name (usually an Invoice or Order form), and displays the ransom splash screen.
https://nakedsecurity.sophos.com/2016/06/01/zcrypt-the-ransomware-thats-also-a-computer-virus/
Lenovo Warns of Security Flaw in Pre-Installed Software
This week, Lenovo has strongly recommended that all users should remove the pre-installed Accelerator Application from their computers, as the software makes no security checks when searching for and downloading updates. Amongst the flaws, the application doesn’t use encryption when making outside connections to download updates, nor does it check the validity of digital signatures for said updates, leaving users open for man-in-the-middle attacks during the time the system makes these update checks.
http://www.csoonline.com/article/3077935/security/lenovo-advises-users-to-remove-a-vulnerable-support-tool-preinstalled-on-their-systems.html
by Connor Madsen | May 27, 2016 | Industry Intel
Government IT Systems Long Outdated
In a recent study done by the Government Accountability Office, a large portion of the US government’s critical business systems have been found to be requiring an increasing amount for maintaining their basic operation, but also they are a major security risk. From defense systems to scientific research systems, these agencies are constantly working to maintain the aging infrastructure with little to no plans for replacement or any significant overhauls.
http://arstechnica.com/information-technology/2016/05/government-agencies-keep-sacrificing-cash-to-zombie-it-systems-gao-finds/
Microsoft Steps In To Increase Business Security
With the recent news of LinkedIn’s security breach, Microsoft has announced that users of Azure Active Directory will no longer be allowed to use passwords that were found in the LinkedIn breach to be the most common, and therefore vulnerable. By stopping these weak passwords from being used, Microsoft hopes to stop the bad habits that form around password creation, and keep more businesses secure.
http://www.theregister.co.uk/2016/05/25/microsoft_password_policy/
Kansas Hospital Pays Ransomware, Remains Encrypted
In the past week, another hospital was the focus of a ransomware attack that was fortunately mitigated enough to allow continuing operations and maintaining patient data. Although the hospital did pay the ransom initially, not all of their data was restored and a second demand for additional payment was issued. The hospital refused the demand and was able to resume operations quickly as they had a plan in place for a possible cyber attack.
http://www.techspot.com/news/64954-hackers-demand-ransom-payment-kansas-heart-hospital-files.html
Employees Still Number One Security Risk
It comes as no surprise that the majority of security breaches are caused by employee negligence and lack of knowledge on potential security hazards. A study released in the last week shows that half of the nearly 600 companies had experienced some for of security issue due to employee negligence, and of those companies, 60% felt it unnecessary to require additional security training. The study also revealed that most companies provide neither incentive for following correct security procedures nor consequences for the employee found to be at fault for the breach.
https://www.experianplc.com/media/news/2016/dbr-ponemon-institute-managing-insider-risk/
Hong Kong Bitcoin Exchange Hacked
Recently, the Hong Kong firm, Gatecoin was hacked and the attackers made off with nearly $2 million worth of cryptocurrencies. The company is still unsure of how the breach occurred, though Gatecoin has already begun work on improving it’s cyber security to prevent or deter these types of attacks in the future. In addition, the company has also offered a bounty for the return of any bitcoins that were taken.
http://www.forbes.com/sites/robertolsen/2016/05/24/hackers-steal-2-million-from-bitcoin-exchange-in-hong-kong-bounty-offered-to-recover-funds/#3af2641611c7
by Connor Madsen | May 20, 2016 | Industry Intel
A lot happens in the security world and many stories get lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week.
TeslaCrypt Closing It’s Doors
Here’s a bit of good ransomware news, for once. This week, it was brought to the attention of the security world that TeslaCrypt, one of the largest ransomware creators/distributors, was shutting down their operation for good. Researchers from ESET contacted TeslaCrypt via their support chat function and requested the master decryption key, which was provided freely, along with an instruction guide on how to use it.
https://www.helpnetsecurity.com/2016/05/19/end-of-teslacrypt/
New World Hackers Group Continues With University Hack
The New World Hackers (NWH), a hacktivist group participating in the OpAfrica Anonymous campaign, have targeted Limpopo University in South Africa in response to the ongoing human rights violations that are occurring in the country. Along with replacing the university’s main webpage, the group was able to gain access to both alumni and faculty personal information, which was then released publicly online.
http://news.softpedia.com/news/anonymous-leaks-data-from-south-african-university-504081.shtml
LinkedIn User Data On Sale
Recently, it was reported that the user account information of nearly 167 million LinkedIn users was available on the dark web 5 bitcoins, a small price. The leaked data likely comes from the 2012 hack of LinkedIn, in which over 6 million user accounts were made available, and resulting in hackers working to successfully crack a majority of the hashed passwords. While this breach doesn’t affect all of LinkedIn’s customers, it is advisable that all users change their passwords to avoid any potential future attacks on personal accounts.
http://www.computerworld.com/article/3071916/security/a-hacker-is-selling-167-million-linkedin-user-records.html?
Apple Pushes Out High Volume of Security Updates
This week, Apple started sending out security updates for all platform versions of its operating systems, with iOS alone receiving 39 different patches. These updates come just months after Apple participated in Pwn2Own, a hacking event focused on finding security vulnerabilities in the products of several industry leaders. Many of the patches are around the ways Apple product users view web content, with the goal being to keep them safe from any malicious attachments or redirects that may be lurking around.
http://www.eweek.com/security/apple-makes-security-improvements-to-ios-and-os-x.html
Germany Blames Russia for Cyber Attacks
German intelligence officials are pointing their fingers at Russia in regards to attacks dating back to 2015 on the German parliament, as well as the the more recent attacks on Chancellor Angela Merkel. In the past year, attacks originating in Russia have become increasingly common and have a wide spread of targets, including Ukraine’s power grid, TV stations in France, and computer system in the Netherlands. While it’s impossible to know for sure, many of the victims believe it to be the work of the Russian government rather than individual hackers.
http://www.securityweek.com/evidence-russia-behind-cyber-attacks-germany-secret-service?
Hacker Selling Pornhub Shell Access was a False Claim
In the past week, a hacker claimed to be selling shell access to Pornhub’s site, though this information later proved to be false. When contacted by Pornhub in regards to the vulnerability, the hacker was unable to provide any evidence of his capability to gain access or execute any injected code on the site. Pornhub has an ongoing bug bounty program, which will pay out up to $25,000 USD for the discovery of vulnerabilities on their sites.
http://www.csoonline.com/article/3070420/security/pornhub-said-to-be-compromised-shell-access-available-for-1-000.html
by Connor Madsen | May 13, 2016 | Industry Intel
A lot happens in the security world and many stories get lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week.
Microsoft and Adobe Vulnerabilities Revealed
In the past week, Microsoft announced a vulnerability in Windows, which would allow attackers to target users visiting a specific site and execute malicious code automatically. In the same statement, Adobe also issued a warning for Flash users, as an exploit was discovered that could allow remote access to unsuspecting computers. Patches for both issues are in the works, and users are strongly encouraged to run these updates promptly.
http://arstechnica.com/security/2016/05/beware-of-in-the-wild-0day-attacks-exploiting-windows-and-flash/
Google Breach Attributed to Third-Party Vendor
Recently, Google sent out an email to its employees, notifying them of a data breach that occurred with their benefits management partner. Fortunately for Google employees, the recipient of the unauthorized data contacted the company and deleted the information that was sent. As a result of the incident, Google is providing its employees with credit monitoring to safeguard against any fraud that may occur.
http://www.csoonline.com/article/3066841/internet/google-suffers-data-breach-via-benefits-provider.html
British Retailer Hacked for Customer Information
Kiddicare, a British children’s retailer, was recently targeted by attackers who gained access to the personal information of nearly 800,000 customers. The issue stems from a test website that Kiddicare created in late 2015, which contained a large quantity of real customer information, and was never secured or disposed of properly after testing was complete. It is still unclear why the test site was publicly accessible, but some customers have claimed to have received multiple phishing messages via text and email.
http://www.informationsecuritybuzz.com/hacker-news/experts-comments-data-breach-british-retailer-kiddicare/
School District Hit With Ransomware Attack
In the steadily-rising trend of infrastructure cyber attacks, a Texas school district is seeing the impacts firsthand. Multiple district websites were taken down when the Education Services Center’s servers were struck with ransomware. The district refused to pay the ransom and has been reasonably successful at restoring their systems from secure backups. Fortunately, no data was compromised and the sites have been mostly restored to their previous states.
http://www.timesrecordnews.com/news/education/insidious-malware-cripples-school-district-websites-in-region-11-cyber-attack-32953919-206c-55c1-e05-379065281.html
GPS Security Still Major Concern
GPS is used around the globe by nearly 4 billion individuals on a daily basis, and while it has become a necessity for many, it’s susceptible to be jammed, which makes it a potential security issue. GPS jamming can range from a localized area to a much larger region, with the user having no knowledge that the jam is occurring, and can cause a large disruption in functionality. Currently, the U.S. Air Force is working on a better version of GPS, which uses a stronger signal that has less chance of being broadcast over by a signal jammer.
http://www.csmonitor.com/World/Passcode/2016/0510/Why-GPS-is-more-vulnerable-than-ever
by Connor Madsen | May 6, 2016 | Industry Intel
Canadian Gold Mining Company Hit With Cyber Attack
In the past week it was discovered that Goldcorp, a major gold-mining company in Canada, had been hacked and employee information had been taken. The leak contains W2’s, dozens of bank account documents, and other sensitive employee information coming to a total of nearly 15GB of data and spanning the last 4 years. In addition to the leaked information, the company also received a demand for money in exchange for not releasing further data.
https://www.hackread.com/canadian-gold-mining-company-hacked/
Hackers Target Dridex Botnet
Ransomware has been a major player in the past couple years, with the Dridex botnet being used for a good portion of the distribution. Recently, researchers discovered a dummy file, containing only the words “STUPID LOCKY”, as the main payload of what appeared to be a malicious email attachment. While not every recipient is so fortunate, it does show that even the hackers aren’t completely hidden and susceptible to their own schemes.
https://www.helpnetsecurity.com/2016/05/05/dridex-botnet-hacked/
US Utility Companies Face Growing Ransomware Concern
Recently, a Michigan utility company was targeted with a ransomware attack that left many of their system utilities non-functioning. It appears no customer data was stolen as only their internal systems were compromised, however they’re still operating under limited functionality. This attack is just one in a long string of growing threats to infrastructure, be it in America or abroad.
http://www.theregister.co.uk/2016/05/03/michigan_electricity_utility_downed_by_ransomware_attack/
NSA Announces Increased Spying on Employees
In an effort to increase national security, the NSA has determined that their agents should have all internet access be monitored, both in the office and at home. To ensure NSA agents aren’t doing illegal activities on their own time, the agency does occasional network scans to monitor sites visited, online transactions, and use of social media. While under the claim of verifying whether the employees can handle highly sensitive information, it appears to be just another reason to invade the privacy of the people who are presumably highly trusted to ensure the security of the country.
http://www.presstv.ir/Detail/2016/05/03/463838/NSA-child-pornography-Kemp-Ensor-Defense-Security-Service-Daniel-Payne/
Wendy’s Credit Card Breach Leads them to Court
In the months following Wendy’s data breach, a credit union has filed a class action suit stating Wendy’s failed to update it’s card processing systems and left itself and it’s customers vulnerable to fraud for months. It is still unconfirmed how many of their nearly 6,000 stores were affected by the breach, but Wendy’s is still working with law enforcement and credit card companies to come to a good resolution.
by Connor Madsen | Apr 29, 2016 | Industry Intel
Bangladesh Bank Still Attempting to Recover
In the months following one of the largest cyber heists in history, the Bangladesh Central Bank is still in the process of retrieving the $81 Million that was stolen from it, and which remains unaccounted for. The latest update comes from SWIFT, the financial transaction co-op, that has publicly stated that the Bangladesh Central Bank incident was not singular, but rather part of a larger string of cyber attacks. With this declaration, SWIFT has also pushed out a security update that will hopefully make these types of attacks more difficult in the future.
http://www.reuters.com/article/us-cyber-banking-swift-exclusive-idUSKCN0XM2DI
Uber User’s Data Security is Not So Secure
With the rise in app-based ride services across the globe, Uber riders are seeing spikes in fraudulent charges from distant locations. In other words, users are getting charged for rides they couldn’t possibly have been on. While Uber is still confident they’ve had no security breach of user information, more and more accounts are popping up on the Dark Web, at surprisingly reasonable costs. The most likely explanation is that consumers are using the same usernames and passwords for multiple apps, an ill-advised practice that’s not secure by default, which could be causing the harvesting of these credentials.
http://www.csoonline.com/article/3059461/data-breach/uber-fraud-scammer-takes-the-ride-victim-gets-the-bill.html?
Qatar National Bank is the Latest Financial Target of Cyber Attacks
In the past week, Qatar National Bank has stated they were the victim of a cyber attack, which allowed 1.4GB-worth of sensitive customer information to be leaked onto the Dark Web. Among the data, researchers have found transactions and other financial records of many high profile clients, including the Qatar Royal Family, possible intelligence agents from around the world, and even data on Al Jazeera employees. Qatar National Bank has made no confirmation of a security breach, although the leaked information would appear to be legitimate.
http://abcnews.go.com/International/wireStory/large-qatari-bank-investigating-alleged-data-breach-38698362
Lifeboat Breach Could Lead to More Vulnerabilites
Recently, it was reported that Lifeboat Network, a Minecraft server provider, was hacked, with usernames/passwords being compromised. While Lifeboat issued a password reset to all users, who aren’t required to enter any personal or financial information when creating a login, users should still be cautious if they have re-used their passwords for other sites and change their passwords if this is the case.
https://www.helpnetsecurity.com/2016/04/27/lifeboat-data-breach/
Dating Site Exposes User Data
This week, yet another online dating site has been hacked and this time, the personal information of over 1 million individuals has been leaked. The site in question, Beautifulpeople.com, has stated that the leaked data was from a test server containing no user data. The server, which had no admin password to access, has since been taken offline.
https://www.wired.com/2016/04/beautiful-people-hack/
Separate tags with commas
SWIFT, Uber, Bangladesh Central Bank Breach, Dating site breach, Uber data security, data security, Minecraft, Lifeboat breach, cyber attacks, financial breach
by Connor Madsen | Apr 26, 2016 | Industry Intel
A lot happens in the security world and many stories get lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week.
Quicktime for Windows No Longer Supported
This week, Microsoft announced they would no longer be supporting the Quicktime media player and strongly recommended to completely uninstall it in order to avoid any malicious attack through the software, which will no longer receive patches. Several flaws have been found that could leave users open for attackers to access and infect the system. At present, the Mac version of Quicktime is still being supported with security updates.
http://n4bb.com/uninstall-quicktime-windows-microsoft-stops-support/
Security Flaw Leaves Phone Users Vulnerable
Most telecom companies around the world use the same routing protocol, SS7, for allowing users to contact others around the globe. However, SS7 also allows access to an individual phone and can even be maliciously aimed at gaining call recordings, geographical locations, and other personal information. This flaw, while dangerous in the hands of cyber criminals, is also used by the NSA and other intelligence agencies for data gathering and monitoring for suspicious activities.
http://arstechnica.com/security/2016/04/how-hackers-eavesdropped-on-a-us-congressman-using-only-his-phone-number/
Cyber Security Lacking in Majority of Companies
In a recent threat intelligence report, it was discovered that over 75% of business organizations have no method of response for cyber attacks, and only obtain these critical services after they have been targeted. While individual sectors are seeing a steady rise in malware attacks on their systems, it’s difficult to believe that a large portion are still unprepared for the attacks being reported in the news on a daily basis. And yet, here we are.
http://www.channelpartnersonline.com/news/2016/04/most-businesses-have-no-cyberattack-response-capa.aspx
Latest Encrypting Ransomware Aims at Bitcoin
In the past week, a new ransomware variant known as CryptXXX has been spotted in the wild that will both encrypt your data and steal bitcoins and other sensitive information located on the system. It appears to be from the same creators as Reveton, an older variant of encrypting ransomware, but with several advances that help it access stored passwords and lock users out of the system.
http://bravenewcoin.com/news/cryptxxx-set-to-become-the-worst-bitcoin-stealing-ransomware-yet/
End-to-End Message Encryption On the Rise
With the recent news about the FBI breaking Apple’s encryption to access sensitive information, more and more companies are working towards enhancing their current encryption standards. Viber, which makes the popular messaging app, has just announced they will be providing full end-to-end encryption for any and all data sent in messages, though it will take some time for all of its 700 million users to update to the latest version. Moreover, with Viber being an Israel-based company, they will not be directly affected by any US Congress decisions regarding encryption and the governments ability to access encrypted information.
http://www.wired.com/2016/04/viber-encrytpion/
by David Dufour | Apr 18, 2016 | Business + Partners
Previous posts in this series provided an overview of threat intelligence, its role within the IoT space, and how it can be used to prevent threats at the network perimeter in IoT Gateways. With the evolution of internet-connected devices and their growing resource capabilities, these “things” will increasingly become connected directly to the internet, forgoing connectivity through traditional perimeter appliances, and in essence becoming their own gateways or firewalls. This evolution will require a new approach to security in terms of moving protective mechanisms from robust perimeter equipment into the devices themselves. This post focuses on how the use of separation kernel technology can help in this move from security at the perimeter to enabling the use of threat intelligence on the device.
An effective way of bringing threat intelligence to devices is through the use of a separation kernel. Separation kernel technology provides a mechanism for controlling the flow of data and commands between an operating system and the hardware on which the operating system resides. In its simplest form, it is a tiny kernel that sits between all hardware functions on a device and the operating system. This separation provides a mechanism for identifying threats outside of a host operating system. Here are two very straightforward ideas on how to quickly implement threat intelligence at the device level through the use of separation kernels:
- Traffic Flow Monitoring: Most gateway or perimeter devices provide a mechanism for traffic flow analysis through the use of packet inspection and threat intelligence. This can be achieved on a device by building tiny monitoring applications that live in a secure memory space outside of a host operating system, but are accessible by the separation kernel. Traffic can be analyzed in this secure space for threats so action can be taken before it is allowed to pass into the operating system or out of the device. This essentially brings the ability to apply network security and policy management to the “thing”.
- Malicious File Identification: Using the same model described above, it would be possible to analyze files outside of a user’s operating system by identifying threats before they have access to user memory and application space. Files could be assembled in a secure memory space for hashing and looked up in a cloud-based ecosystem for threat determination. In the case of unknown files, additional analysis could be performed locally to identify any threats before they have access to the user memory or application space.
These are only two basic examples of what could be done through the use of threat intelligence on a device. As the Internet of Things continues to expand, there will undoubtedly be more and more approaches that bring existing network and perimeter security to the device. The next and final installment of this series will explore some of these ideas.
by Connor Madsen | Apr 8, 2016 | Industry Intel
A lot happens in the security world and many stories get lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week.
Credit Card Breach at Trump Hotels
It has recently been reported that the Trump Hotel chains have been the target of yet another credit card breach, which is currently affecting several locations around the world. This comes less than a year after their last report of suspicious payment activity, in which they confirmed their systems had been hit with info-stealing malware.
http://krebsonsecurity.com/2016/04/sources-trump-hotels-breached-again/
Panama Papers Released
In what is currently considered to be the largest data leak in history (containing over 2.6 TB of information), a laundry list of celebrities and major political figures have been tied to offshore bank accounts. While having an offshore corporation is perfectly legal, many of those listed were using tax havens to hide their considerable wealth by using an offshore law firm, Mossack Fonseca, to manage their funds.
http://www.theguardian.com/news/2016/apr/03/what-you-need-to-know-about-the-panama-papers
Updating Passwords Occurs Less Among IT Admins
Most people understand the importance of changing passwords for sensitive accounts regularly, but those who often recommend these changes are at times ending up as the worst offenders. In a recent survey, IT Admins were shown to insist users change their credentials more often than they changed the credentials themselves. Furthermore, an astounding 10% of IT Admins admitted to having never changed the administrative credentials used in their organizations.
http://www.techweekeurope.co.uk/security/security-management/lieberman-software-it-admins-passwords-189155
Visa Database Potential Identity Risk
In the past week, an internal study conducted by the U.S. State Dept. revealed vulnerabilities in the visa application database, which contains hundreds of millions of confidential personal records. Currently, there has been no indication of a breach, but work is being done to seek out any vulnerabilities that haven’t already been resolved. Many of the issues they’re facing are related to aging technical systems and lack of upgrades.
http://www.fiercegovernmentit.com/story/vulnerabilities-visa-database-could-put-290m-personal-records-risk/2016-04-04?
LA Times Confirms their Site was Hacked
On Wednesday, it was reported that someone was able to access the LA Times website using a vulnerability in WordPress, and was offering this access for purchase. According to the LA Times, the security flaw has been resolved and they have added additional security precautions to prevent future breaches.
http://www.csoonline.com/article/3051598/security/la-times-said-to-be-compromised-shell-access-offered-up-for-sale.html?
by Connor Madsen | Apr 1, 2016 | Industry Intel
A lot happens in the security world and many stories get lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week.
MedStar Health, Latest Medical Services Ransomware Target
Early this week, MedStar Health, one of the largest healthcare providers in Maryland, was the victim of a ransomware attack that lead to the complete shutdown of their computer systems. Fortunately, for patients, it appears no information was stolen and all of their facilities have remained open, though currently lacking access to digital patient records.
http://www.csoonline.com/article/3048825/security/ransomware-attack-hits-medstar-health-network-offline.html#tk.rss_news
College Board Reports Security Breaches Allow Leaked SAT Tests
Recently, it has been discovered that, due to many security vulnerabilities in the College Board, the most recent version of the SAT has been compromised in several Asian countries. The latest report confirms that many prep schools throughout China and South Korea are teaching past SAT questions that will likely be used again, allowing some students to attain perfect scores, by having studied the answers beforehand.
http://www.reuters.com/investigates/special-report/college-sat-one/
Phishing Attack Nearly Costs Mattel $3 Million
Last year, toy maker Mattel was the victim of a phishing attack that lead to $3 million USD being transferred to a bank in Wenzhou, China. In this case, the new CEO’s email was spoofed to a financial executive that requested a large transfer, that was luckily caught and the account frozen before it was withdrawn. With social engineering being a prevalent source of corporate information, authentication for highly sensitive transfers of information or funds should be mandatory.
http://www.csoonline.com/article/3049392/security/chinese-scammers-take-mattel-to-the-bank-phishing-them-for-3-million.html#tk.rss_news
Federal Court Phone Scams On the Rise
Many people have been the victims of a scam call asking for access to your computer, or scaring you into giving up credit card information, but lately a new call has people worried. It comes in the form of a demand to quickly pay a fine for missing a jury duty summons, or have a warrant issued for your arrest. This type of scare tactic has become more aggressive, but also more detailed with the information they seem to “know” about you.
https://nakedsecurity.sophos.com/2016/03/31/us-federal-court-you-didnt-show-up-for-jury-duty-scammers-slicker-than-ever/
Computer Science Student Finds Valve Vulnerability
This week, a 16-year old student from the University of Salford successfully exploited a vulnerability that allowed him to publish a game to Steam without being reviewed by a Valve employee. He also made a blog post explaining how he was able to go about exploiting the bug, which has since been fixed.
https://www.helpnetsecurity.com/2016/03/30/steam-review-bypass/
