Cybercrime Week in Review 22 August 2015
Financially-Motivated Advanced Targeting (Phishlabs)
Cybercriminals have recently spent more time zeroing in on a specific target and deploying spear phishing attacks which have resulted in a surge of high-profile security breaches and/or major fraud schemes leaving organizations with millions in financial losses.
Smarten Your Data Security or Risk Corporate Loss (Info Security)
Since the advent of the internet, the law has struggled to keep pace with subsequent advances. Technology has progressed rapidly, with increasing numbers of everyday objects now connected in the internet of things (IoT), and threats have grown exponentially in tandem. Regulators and lawmakers, however, have been slow to recognize the data protection implications.
At what point do white hat hackers cross the ethical line? (CSO)
In recent months the news of Chris Roberts alleged hacking of an inflight entertainment system and possibly other parts of the Boeing 737 have sparked a wave of controversy. Public opinion was originally on Roberts’ side, but the recent publication of the FBI affidavit changed that drastically. According to the affidavit, Roberts admitted to doing a live “pen-test” of a plane network in mid-air.
IRS: Hack Much Wider Than First Thought (Bank Info Security)
The Internal Revenue Service says cyber thieves may have accessed as many as 334,000 taxpayer accounts in a breach of its Get Transcript system, far more than the 114,000 accounts it originally estimated in May.
Ransomware blueprints published on GitHub in the name of education (The Register)
Turkish security bod Utku Sen has published what appears to be the first openly available source code for ransomware – free for people to use and spread.
China arrests 15,000 for Internet-related crimes (Computer World)
The country’s Ministry of Public Security plans to increase further the enforcement of Internet rules.
Mumsnet DDoSed, SWATted, hacked – oh, and change your password, too! (Naked Security)
Popular and successful UK website Mumsnet is in the news again. Mumsnet is a community-oriented site that aims to make parents’ lives easier by pooling knowledge, advice and support.
Attackers increasingly abuse insecure routers and other home devices for DDoS attacks (PC World)
Attackers are taking advantage of home routers and other devices that respond to UPnP (Universal Plug and Play) requests over the Internet in order to amplify distributed denial-of-service attacks.
Spear Phishing: It Works And It’s Dangerous—Just Ask The Pentagon (Homeland Security)
The breach of an unclassified Pentagon email system by suspected Russian hackers at the end of July was just the latest in a series of state-sponsored attacks on government agencies. Although the Pentagon is back online after immediately disabling the email system in the wake of the attack, the attack has raised concerns about the use of spear phishing in nation-state cyber attacks.
Cyberattack campaign targets India, SEA nations (ZDNet)
A hacker group that appears to be residing in China has been targeting India and Southeast Asian nations in a bid to extract information about ongoing border disputes and other diplomatic issues.