Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Yahoo Hackers Accessed 32 Million Accounts with Forged Cookies
Yahoo revealed some additional details about data breaches that have affected over a billion accounts. Among that information is the news that hackers who obtained Yahoo’s code and were able to create their own cookies were able to access 32 million accounts through 2015 and 2016.
RATANKBA Malware Tied to Large-Scale Watering Hole against Enterprises
In early February, several financial organizations reported malware infections on their workstations. The attacks turned out to be part of a large-scale campaign to compromise trusted websites to infect the systems of targeted enterprises across industries. This is typically known as a “watering hole” attack.
2016 Set the Record for Enterprise Threats
Every year Trend Micro takes a look back at the threat landscape from the previous year and analyzes the data we receive from our massive customer base around the world and reports on the trends we saw and the key threats that affected the cyber world.
Slack Bug Granted Hackers Full Access to Accounts and Messages
Slack has fixed a security flaw that let hackers steal user authentication tokens used to gain full and complete access to accounts and messages. Frans Rosén created a proof-of-concept exploit that allowed him to steal a user’s private Slack token used to log in the user to the collaborative messaging service.
The SHA-1 hash function is broken. This isn’t news. What is news is that a practical attack has been demonstrated Keep in mind that “practical” is used in cryptographers terms and those terms don’t necessarily have an impact on your daily IT use.
Pwn2Own Has Become the Root of Security Research
It’s not just that exploits used during Pwn2Own are complex. They certainly are. Several of the bugs disclosed through program received accolades from the community, such as the Pwnie awards. More than that, the bugs that appear during Pwn2Own drive the research of others and more.
Singapore’s Ministry of Defense Suffered Its First Successful Cyberattack
A cyberattack on the Defence Ministry of Singapore’s internet system (I-net) has resulted in the personal data of 850 employees and conscripted military personnel being stolen. The stolen data includes national identity (NRIC) numbers, telephone numbers and dates of birth.
Zombi Botnets Contribute to Growing Security Threats
When the cyberattack on Dyn’s servers happened in late 2016, several prominent websites were impacted. Organizations like Twitter and Netflix were catapulted into a state of disrepair as engineers struggled to bring servers back online. The culprit? The Internet of Things-based botnet called, Mirai.
Companies typically set weekly, monthly and yearly goals so they can exceed different types of expectations. If you have yet to set New Year’s resolutions for your business, there’s still plenty of time to do so. We suggest coming up with resolutions that focus on protecting your company from IT criminals.
Establish Internet Safety for Kids
U.S. households are filled with more devices than ever before. Recent research conducted by Trend Micro found that nearly 30 percent have three or more smartphones, around a third have two or more tablets and close to half have two or more computers in their household.
Taiwanese Trenders Volunteer to Help Young Students Learn to Code
The Trend Micro Volunteers Club in Taiwan partnered with the “Program the World” project to build excitement for computer programming for students across Taiwan. “Program the World” is a nonprofit organization that provides programming courses to underprivileged children who live in remote areas of Taiwan, who are limited in access to this type of education.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.