Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Vulnerabilities Are Affecting the CAN Standard of Connected Cars
In many instances, researchers and engineers have found ways to hack into modern, internet-capable cars, as has been documented and reported several times. One famous example is the Chrysler Jeep hack that researchers Charlie Miller and Chris Valasek discovered.
There Are Benefits to Knowing Information Security Breach Attribution
Earlier this week the iSMG Fraud and Breach Prevention Summit in New York City featured a fascinating conversation on the value of attribution, led by Gartner’s Avivah Litan. The panel was called: “Moving from Indicators of Compromise to Indicators of Attack: But Will Attacker Attribution Really Help Us?”
GhostClicker Adware is a Phantomlike Android Click Fraud
We’ve uncovered a pervasive auto-clicking adware from as much as 340 apps from Google Play, one of which, named “Aladdin’s Adventure’s World”, was downloaded 5 million times. While the majority of the said apps have been taken down, 101 were still downloadable as of August 7, 2017.
ZDI Published Two 0-Day Advisories for Vulnerabilities in Foxit
The beauty of these vulnerabilities is their simplicity by nature, and that they are not memory corruption vulnerabilities. To be exact, they are Command Injection and File Write vulnerabilities that can be triggered through the JavaScript API in Foxit Reader.
One of the most successful families of ransomware has returned once again, with a new email spam campaign. Locky was one of the first major forms of ransomware to become globally successful and at one point was one of the most common forms of malware.
HBO’s Twitter Accounts Were Hacked in Latest Cyberattack
Premium cable channel HBO has fallen victim yet again to a hacker attack. This time its official Twitter account was broken into, along with accounts for several of its most popular shows. A group calling itself OurMine gained control of HBO’s main account Wednesday night, according to reports.
AWS Launched a New Service Called Amazon Macie
At the AWS Summit in New York City, AWS launched a new service: Amazon Macie. Trend Micro is proud to support this exciting new service at launch. Amazon Macie provides automated insights into the usage of your Amazon S3 data.
Disdain Exploit Kit Detected in the Wild
On August 9, we detected a new exploit kit in the wild, being distributed through a malvertising campaign. With additional analysis of the code and activity, we can confirm that it is the Disdain exploit kit, which started to advertise their services in underground forums starting August 8.
Scottish Parliament Says the Ongoing ‘Brute-Force’ Cyberattack Has Not Breached Defenses
Scotland’s devolved parliament is suffering an ongoing brute-force cyberattack but the attack has not breached the assembly’s IT defenses, it said on Wednesday. Hackers are becoming more and more adept at developing or finding malware to wipe data on computers, making them inoperable.
Not All Hacking Requires a Computer
Why spend days or weeks trying to bust into a network when you could pick up a phone? Exploiting vulnerabilities of a company can simply involve picking up a phone, chatting with a few people or memorizing a few tones.
Cybersecurity Experts Are Finding Common Ground
Data breaches and cyberattacks can be extremely damaging to businesses and to people’s personal and professional lives. But, IT pros and policymakers focusing on cybersecurity often don’t speak the same language. Discover how these cybersecurity experts are finding common ground.
Hackers of the Future Could Use Malware Stored in DNA to Infect Computers
Researchers from the University of Washington have figured out a way to take over a computer by encoding malicious software into physical strands of DNA. In its most basic form, the DNA is a way of storing information, and its strands are made from four building blocks — A, C, G, and T.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.