Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
Two Year Review of Cyber Espionage Group Pawn Storm, aka Fancy Bear
In our latest report on Pawn Storm, researchers expose the scope and scale of the cyber espionage group’s attacks but more importantly their cyber tradecraft. Our researchers have observed activity going back seven years targeting government, military, media, and political organizations around the world.
Trend Micro and INTERPOL Are Teaming Up Again to Fight Global Cybercrime
The latest in a long line of our collaborative efforts with INTERPOL was revealed by the organization on Monday. We helped support a major operation to crack down on cybercrime in the ASEAN region, resulting in the identification of nearly 9,000 Command and Control (C&C) servers and websites.
Pawn Storm Abuses Open Authentication in Advanced Social Engineering Attacks
Pawn Storm is an active and aggressive espionage actor group that has been operating since 2004. The group uses different methods and strategies to gain information from their targets, which are covered in our latest research. However, they are particularly known for dangerous credential phishing campaigns.
Game Guide Malware Targeted More than 500,000 Users
App-based guides for games, including Fifa and Pokemon Go, were used to target more than 500,000 Android users with malware, a cyber-security company has said. The apps, discovered on the Google Play Store, were designed to take control of devices before downloading malware.
Man Behind Titanium Stresser DDoS Malware Imprisoned
A Hertfordshire man has been jailed for two years after netting nearly £400,000 from the malware he wrote as a 15-year-old student. Adam Mudd, now 20, was sentenced to two years in a young offenders’ institute this afternoon.
Webroot Fixes Faulty Antivirus Update That Mistakenly Flagged Windows as Malware
Windows’ system files were flagged as malicious, and Facebook was marked as a phishing site. A malware signature update issued by the company on Monday triggered the software into mistakenly flagging Windows system files as malware, melting down millions of managed systems around the world.
Businesses Must Defend Against Threat Actor Groups Like Pawn Storm
These actors often use multi-angle bombardment attacks on the same target, implementing multiple methods to reach their goals and relying on practiced (proven) techniques, especially when it comes to phishing attacks.
IoT Devices Worldwide Could Be Infected with ‘Hajime’ Malware
A new mysterious malware that builds a vast peer-to-peer botnet to infect the Internet of Things (IoT) worldwide has been identified with almost 300,000 devices under its control, ready to perform a large-scale DDoS attack.
Machine Learning Is Helping Win the War Against Ransomware
The number of emails containing ransomware rose 6,000 percent since 2015, and in 2016, 40 percent of all spam emails had one of these malicious programs hidden within, according to IBM. Thankfully, new approaches like machine learning are blazing a trail in the fight against ransomware.
Linux Servers Are Vulnerable to Attacks
It is very important to not confuse vulnerabilities with threats. While there may be fewer known threats for Linux, if you look at the National Vulnerability Database, there are a similar number of vulnerabilities reported for both Linux, and Windows operating systems.
Please add your thoughts in the comments below or follow me on Twitter; @JonLClay.