Almost exactly a year after Yahoo announced they suffered the largest data breach to date, officials corrected the estimated number of users affected in a statement released on October 3rd. The initial estimate, which was made when they first announced their data breach in September 2016, was that the details of 500 million users were stolen. Three months later, Yahoo upped their assessment to one billion users. However, Yahoo is now telling users that virtually everyone who has a Yahoo account has had their data stolen. That’s correct, all THREE BILLION users have had their sensitive data stolen.
As of now, 48 states, the District of Columbia, Guam, Puerto Rico and the Virgin Islands have implemented legislation that requires private or government entities to notify individuals if they have experienced a security breach. Alabama, New Mexico, and South Dakota are the three remaining states that don’t have official security breach notification laws. Even my Midwestern home state of Iowa now has a mandatory data breach notification law.
March was a month where a lot of small ransomware variants appeared but never came to fruition. There was, however, an update on CryptoLocker making its return, Cerber added a couple of new features, and Android ransomware appears to be here to stay. We also have a list of decryptors that were released, enabling you to recover your files without paying the ransom.
A zero-day attack named Double Agent has been discovered that exploits a 15-year-old feature in Windows from XP through Windows 10. The attack can take over antivirus software on machines running Windows and turn it into a weaponized Trojan capable of attacking the very system it was designed to protect.
Phishing is one of the most common attack vectors hackers use to initially infiltrate a user’s system. Phishing is an attempt to obtain user credentials, financial data, or other sensitive information by emulating a legitimate email communication. Phishing emails can also be used to trick a user into clicking on a malicious attachment or link that is embedded into an email. Spear phishing, on the other hand, is a targeted phishing campaign where hackers first research their target individual or company to increase their chance of success. By doing this, hackers attempt to appear more trustworthy as a legitimate business entity, thus making the target less suspicious. Spear phishing presents a much greater threat than phishing in general as the targets are often high-level executives of large corporations.
WikiLeaks dropped a bombshell on Tuesday, March 7th when it began a new series of leaks on the U.S. Central Intelligence Agency. Code-named Vault 7, Year Zero is the first series and is comprised of 8,761 documents and files from inside the Central Intelligence Agency’s (CIA) high-security network. Below are 7 revelations from Vault 7.
Advanced Persistent Threats (APTs) and ransomware have been the most dreaded types of malware over the last couple of years. While there are clear and distinct differences between APTs and ransomware, we are now seeing the two being paired together to create a type of hybrid malware.
Although February was a short month, there certainly wasn’t a shortage of new ransomware variants. While there were several variants that will probably never make it into circulation, there were some notable ransomware variants that we should all be aware of. We will review the most notable ransomware variants throughout the month as well as provide an update on new versions that infect Android devices. Unfortunately, there weren’t any decryption keys that were released over the last 28 days.
Stuxnet is known as the world’s first cyber weapon. Stuxnet was used to break Iran’s uranium enrichment centrifuges when it was feared they were producing chemical weapons. While there’s no proof as to who created the zero-day exploit, everyone seems to agree that it was the National Security Agency (NSA) who launched the digital weapon. Stuxnet, which was previously named ‘Olympic Games’, made its way into the Iranian nuclear enrichment facility at Natanz in 2006. The code infected specific industrial control systems the Iranians were using and proceeded to speed up or slow down the centrifuges until they destroyed themselves, all while the operators’ computer screens showed everything was working as normal.
In this day and age, it seems like you can sue or be sued for almost anything. Now, a company is being sued for cybersecurity negligence. That’s right; you can be sued for not having proper cybersecurity measures in place. Johnson & Bell, a Chicago-based law firm, is involved in a lawsuit for being negligent and engaging in malpractice by allowing information security vulnerabilities to develop that created risks to client information.