Here is our latest news roundup of articles about network and SSL security. (Click here to see the whole series.)
SSL & Encryption
- Google recently released a list of Certificate Authorities that are not trusted by browsers.
Data Breaches
- A cybercriminal attempted to sell sensitive information for 1.5 million Verizon customers on the black market after breaching Verizon’s network.
- In October of last year, Trump Hotels suffered a breach through their payment system. Earlier this month, Trump Hotels suffered another credit card data breach.
- Stanford University suffered a tax-related data breach. Criminals stole W-2 forms from 3,500 Stanford employees.
- A former FDIC employee caused a major data breach, which affected 44,000 customers.
- A recent data breach in the Philippines exposed 54.36 million registered voters.
- 50 million Turkish citizens may have had their personal information exposed in a recent data breach.
Vulnerabilities
- A security researcher found that a flaw in Cisco UCS servers could allow a hacker the ability to hijack servers with a malicious HTTP request.
- Researchers discovered that cybercriminals could circumvent a faulty, three-year-old Java patch.
- Vulnerable servers leave hospitals open to ransomware attacks.
- Adobe alerted users of a critical vulnerability being exploited by attackers.
Malware
- Researchers discovered a banking malware that cybercriminals used to steal millions of dollars from banks across the U.S. and Canada in a matter of days.
- A malware dubbed Multigrain can steal credit card data from PoS systems.
- A new ransomware called Petya uses cloud storage sites such as DropBox to infect users.
- MedStar Health joins the list of healthcare providers that have been taken offline because of a malware attack.
- A malvertising campaign serving the Angler exploit kit hit Netherland’s top sites.
Cybercrime
- For the past two years, every two weeks or so phishers have been targeting one CEO in an attempt to trick him into wiring them money.
- A cybercrime group is targeting retail and hospitality companies that are still using weak PoS systems.
- Large DDoS attack hit China-based lottery site. The attack was successful because it hit weak spots in the site’s DDoS protection platform.
- Buhtrap a Russian hacking group has performed 13 successful attacks, stealing billions from Russian and EU banks.
- Researchers and law enforcement worked together to take-down a botnet that enslaved 4,000 Linux.
IoT
- FBI warns farmers using IoT connected farm equipment that equipment hacks and data breaches are likely to occur in the near future.
- A flaw in common IoT connected door controllers can allow a hacker to unlock doors.
Research & Studies
- In a study, Google found that approximately 800,000 websites have been infected with malware or some other type of malicious content.
- 10% of organizations don’t have a cybersecurity framework in place, according to a new survey.
- A recent survey found that 45% of respondents do not know how long it would take their company to detect a data breach.
- Vormetric report finds that over 60% of federal agencies have been victims of a data breach.
- Researchers found that over 3 million servers are running vulnerable JBoss software, leaving servers open to attack.
- Because of misconfigured networks and outdated software, thousands of companies are vulnerable to cyberattack, says an investigation by F-Secure.
- According to researchers, malware will soon enter into a new era where malware self-propagates.
- Ransomware attacks are increasing and most companies are unprepared for them, according to a new Ponemon Institute survey.
- FBI warns that business email compromise is becoming a major threat to companies and has cost US companies over $ 2.3 billion in losses since 2013.
- In a Ponemon Institute survey, 39% of healthcare IT professionals said that their healthcare organizations did not know how to protect themselves from a cyberattack.
- Cybercriminals target healthcare organizations more than any other industry, according to 451 Research.
- A new study revealed that 14% of doctors store patient information on unprotected cell phones or other mobile devices.