December 2016 - Page 4 of 9 - Cyber Security Minute

Medical data: Accessible and irresistible for cyber criminals

Issued by: CSO

How valuable is personal healthcare data? Apparently it depends. Based on at least some price comparisons on the Dark Web – the underground online marketplace for cyber criminals – electronic health records (EHR) are not even close to premium goods. McAfee, now a division of Intel Security, reported recently that the price for an individual medical…

Malware & Threats

Highly lucrative Ransomware as a Service attacks poised to accelerate in 2017

Issued by: Help Net Security

Ransomware can be likened to global warming. It’s been around for years, but it’s now becoming an epidemic which needs serious attention. According to a recent survey conducted by Osterman Research, nearly 50% of U.S. companies experienced a “ransomware incident” over the last year. Without taking into account the number of unreported ransomware incidents, the…

Network Security

LinkedIn skill learning unit Lynda.com hit by database breach

Issued by: CSO

Lynda.com, the online learning unit of LinkedIn, has reset passwords for some of its users after it discovered recently that an unauthorized external party had accessed a database containing user data. The passwords of close to 55,000 affected users were reset as a precautionary measure and they have been notified of the issue, LinkedIn said…

Malware & Threats

Phishing email scams 108 government employees, 756,000 people affected by breach

Issued by: CSO

On Friday, The LA County Chief Executive Office issued a public notice that 756,000 Californians were going to be receiving breach notification letters, after a single Phishing email scammed more than one hundred county employees. The notice also said a warrant has been issued for the Nigerian responsible for the Phishing attack.

Cloud Security

GDPR Compliance Regulations: The New Challenge for the Cloud Operations Manager

Issued by: Security Intelligence

In December 2015, the European Union (EU) announced a framework designed to combine the various data protection laws throughout the region. The General Data Privacy Regulation (GDPR) impacts many industries, from coffee shops to football clubs. It essentially affects any institution that retains personal information, especially businesses that store or handle data in multiple countries….

Application Security

Evernote backs off from privacy policy changes, says it ‘messed up’

Issued by: CIO Security

Evernote has reversed proposed changes to its privacy policy that would allow employees to read user notes to help train machine learning algorithms. CEO Chris O’Neill said the company had “messed up, in no uncertain terms.” The move by the note-taking app follows protests from users, some of whom have threatened to drop the service…

Network Security

Nagios 4.2.4 closes serious root privilege escalation bug

Issued by: Help Net Security

If you’re using Nagios to monitor your systems, networks and infrastructure, and you have not updated to version 4.2.4, you better hop to it. This latest release fixes a high severity root privilege escalation vulnerability (CVE-2016-9566) discovered by researcher Dawid Golunski, who published a proof-of-concept exploit for it on Thursday.

Malware & Threats

Fighting Advanced Ransomware Attacks Requires Game-Changing Technology

Issued by: Security Intelligence

Ransomware is one of the fastest-growing cyber-security threats facing organizations and individuals today. Attackers are holding everything from government records to health care equipment and even the keys to entire transit systems for ransom. According to new data from IBM, victims are paying up. More than half of the business executives that responded to the…

Malware & Threats

Goldeneye Ransomware – the Petya/Mischa combo rebranded

Issued by: Blog Malwarebytes

From March 2016 we’ve observed the evolution of an interesting low-level ransomware, Petya – you can read about it here. The second version (green) Petya comes combined with another ransomware, packed in the same dropper – Mischa. The latter one was deployed as an alternative payload: in case if the dropper was run without administrator…

Malware & Threats

BrandPost: New POS Malware Attacks Are Becoming More Aggressive

Issued by: CSO

Professionally written-malware is rarely unsubtle. Long, slow and stealthy attacks are generally the rule—but a rogue malware author has decided to break that rule by going fast and loud. What’s more, this approach is actually finding a great deal of success, which should have retailers worried in the lead up to the holiday season. How…