Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Petya Expands its Scope as a Global Ransomware Threat
Petya first garnered more recent attention in June 2017 when security researchers and investigators discovered that it was responsible for several large-scale attacks in Ukraine. According to Microsoft, before the end of June, Petya had spread to 65 countries total, impacting more than 12,500 machines.
IRS Issued Urgent Warning about Ransomware Email Scam
The Internal Revenue Service (IRS) has issued an urgent warning about a new scheme targeting taxpayers. The scam email uses the emblems of both the IRS and the FBI, and urges recipients to click on a link to download a questionnaire allegedly from the FBI.
Recent Phishing Attacks Capitalize on Office 365 Security Holes
There are two ways phishers are evading MicrosoftOffice 365 Security protections: one using “hexidecimal escape characters” to conceal coding and links, and the other by compromising SharePoint files. Researchers suspect that this phishing campaign may be the work of Chinese cybercriminals.
FDA Issued Recall of 465,000 St. Jude Pacemakers to Patch Security Holes
In particular, Abbott’s pacemakers, formerly of St. Jude Medical, have been “recalled” by the US Food and Drug Administration (FDA) on a voluntary basis. An estimated 465,000 pacemakers must be given a firmware update to protect them against a set of critical vulnerabilities.
Hackers Have Improved Their BEC Attack Methods
Business email compromise (BEC) attacks increased by 45 percent in the last three months of 2016. As email is increasingly used for notifications and interpersonal connections in company and consumer settings, it will be essential to evaluate its security capabilities and protect it appropriately.
CeX Hack Puts as Many as 2 Million Accounts at Risk
Second-hand gaming retailer, CeX, confirmed an “online security breach” may have put as many as two million customer accounts at risk. In an email to customers, the company said that personal information – including first names, surnames, addresses, email addresses and phone numbers – was stolen.
Bitpaymer Ransomware Attack Highlights Need for Better IT Security in Hospitals
The UK hospital group, NHS Lanarkshire, was forced to cancel several patient appointments after a new variant of Bitpaymer ransomware was detected in its IT systems last Friday. The hackers demanded the hospital pay 50 Bitcoins, or about $218,000.
New Cybersecurity Regulations Now in Force in New York
Earlier this year, the State of New York introduced a new set of regulations requiring banks, insurance companies and other financial services to establish and maintain cyber security programs that meet specific standards. The first of four transition periods ended on Monday.
Trend Micro Announces Support for VMware Cloud on AWS
Trend Micro’s Deep Security server security product is now available to customers of VMware Cloud on AWS. This means customers can take advantage of agile cloud infrastructure, while maintaining their familiar VMware tools, skill sets and architecture framework investments.
4 Principles to Follow for Hybrid Cloud Success
The future is cloud. At this point in its evolution it’s undeniable. Success in the hybrid cloud starts with these four principles; (1) one process regardless of environment, (2) tools must scale automatically, (3) tools must be programmable, and (4) tools must take smart decisions on your behalf.
It’s Back to School Time, Keep Your Children Safe Online
The truth is that today, there aren’t many kids on the school campus that don’t have a laptop or mobile device. Just as we’d teach them how to cross the road safely and why they shouldn’t talk to strangers, so we must do the same for their digital lives.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.