Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
ICANN Transition Moves Forward Despite Attempts to Block It
The Internet Corporation for Assigned Names and Numbers, the long-time coordinator of the internet’s Domain Name System, is independent of U.S. government oversight, at least for now. The U.S. National Telecommunications and Information Administration’s planned turnover of ICANN oversight to the wider internet community happened early Saturday morning.
Johnson & Johnson Warns Patients of an Insulin Pump Cyber Bug
Johnson & Johnson is telling patients that it has learned of a cyber security bug in one of its insulin pumps that a hacker could exploit to overdose diabetic patients with insulin, though it describes the hacking risk as low.
Due to Maersk’s breadth of business channels and global reach, it required an integrated system to manage its various data centers across the world for seamless flow of information. To achieve a modern, standardized and integrated system, Maersk implemented a public cloud strategy using Microsoft Azure.
Hacker Releases Code Behind Record-Breaking Krebs Cyberattack
A programmer claiming to have designed the tool behind a record-breaking cyberattack targeting journalist Brian Krebs has publicly released the source code to a hacker forum. In September, Krebs faced the largest known distributed denial of service (DDoS) attack in history.
Hacking Group OurMine Breach BuzzFeed in Retaliation for Exposé
Hacking group OurMine breached BuzzFeed on Wednesday, seemingly in response to an investigation BuzzFeed published on Tuesday, which alleged that OurMine is not actually a group, but a lone Saudi Arabian high schooler. The teens (allegedly) strike again.
FastPOS Updates in Time for the Retail Sale Season
Most point-of-sale (PoS) threats follow a common process: dump, scrape, store, exfiltrate. FastPOS (initially detected by Trend Micro as TSPY_FASTPOS.SMZTDA) was different with the way it removed a middleman and went straight from stealing credit card data to directly exfiltrating them to its command and control (C&C) servers.
Satellites Could Be the Next Cybersecurity Battleground
So many of the mundane, earthly things we rely on, from GPS to making a credit card transaction, are made possible by satellites. Space may feel like an untouchable realm, but as the systems we have in place get older, they’re becoming even more vulnerable to cybersecurity threats, according to experts.
Army Wants Soldiers Trained to Fight through Cyberattack
U.S. Army modernization officials said Monday that the service must start training soldiers to survive a cyberattack on the battlefield. “We must be able to understand what can happen to our systems through a cyberattack, and what the enemy’s capability is and how we counter that,” Gen. Gustave “Gus” Perna, commander of Army Materiel Command said.
TalkTalk Hit with Record £400,000 Fine for Cyberattack
UK telecoms provider TalkTalk has been hit with a record £400,000 fine for having poor website security that led to the theft of the personal details of 157,000 customers. TalkTalk was issued with the fine by the Information Commissioner’s Office (ICO) in the UK, which suggested that the company could have easily prevented the data breach.
Stampado Ransomware Analysis Led to Yara Improvements
Stampado is a relatively new Ransomware-as-a-Service (RaaS) threat that’s been on the radar recently. There were only a few samples at the time, looking for common strings among them but there was nothing. Then comparing the files structures, all of them had an interesting section at the end of the file.
Protect Yourself against Ransomware Now
Ransomware is a moving target, as new ransomware is developed daily, enabled by exploit kits, and even fostered by Ransomware-as-a-service (RAAS) cybercriminals who distribute their ransomware to other criminals, while taking a cut of the illicit profits. Users can arm themselves against ransomware by taking the proactive steps outlined here to stop themselves from getting infected in the first place.
Trend Micro Participated in Give and Match Program
“Our business, and for that matter any business, has a responsibility to ensure that the environment in which it operates is vibrant, healthy, and sustainable.” – Eva Chen, Trend Micro CEO. This year, 475 Trenders from all over the world participated and together, with Trend Micro’s match, collected a total of $86,181 to be donated.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.