[From the desk of Paul Davis – his opinions and no-one else’s]
\nApart from the reporter’s opinions \ud83d\ude09
\nSo onto the news:<\/p>\n
Hackers Still Going Hard After Banks – But Employees Are Now Prized Targets<\/p>\n
According to a new study released by Raytheon\/Websense, summarized here in this article published in Information Week\u2019s Dark Reading on Tuesday, June 23rd, banks still garner the most attention when it comes to cyber attacks; three times more than any other industry. The attention, however, isn\u2019t new, and banks and other financial institutions are usually on the cutting edge when it comes to technology solutions geared to keep their networks safe. \u201cBut there is still a soft spot that technology alone still can\u2019t quite solve,\u201d says Joe Caruso, founder and CEO\/CTO of Global Digital Forensics (GDF), a premier national provider of cyber security solutions and digital forensics services headquartered in New York City, \u201cand that soft spot comes in the form of personnel already inside the castle.\u201d<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=fc875ca5fd&e=20056c7556<\/p>\n
Executive Enterprise Mobility: Report by Apperian<\/p>\n
In order to understand the trends and the preferred enterprise approaches, our partner Apperian recently conducted an Executive Enterprise Mobility survey. The takeaways from the summary were quite impressive and intrigued me a lot. The survey results reinforced the enterprise mobility journey and the shift in the strategies adopted to enable user satisfaction and drive mobile productivity. The survey results are published in this report.<\/p>\n
Enterprises are now moving beyond Secure Email when they think of a mobile deployment. There is now an increasing focus on mobilizing the core workflows that have the greatest impact on ROI. Although more than two-thirds of respondents stated security as their primary concern, the same respondents also stated that their investments are focused on increasing the app usage and adoption.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d5e373effc&e=20056c7556<\/p>\n
CryptoWall ransom malware sneaks onto systems using clickfraud botnet<\/p>\n
Security firm Damballa has discovered a conventional click-fraud botnet being used to distribute the CryptoWall ransom malware, an unusual but deadly integration between normally very different types of crimeware.<\/p>\n
In its latest threat report, the firm reports tracking a clickfraud infection nicknamed \u2018RuthlessTreeMafia\u2019 it noticed on a customer network – in fact the Asprox botnet – which at first appeared to be nothing more sinister than an attempt to direct bogus traffic to a search engine.<\/p>\n
This kind of campaign looks like a warning. CryptoWall has become the number one ransom malware menace of 2015 and can probably be considered on par with the infamous CryptoLocker of 2013 for sheer aggressiveness albeit that consumers and businesses are more aware of this type of threat than they were then.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b24258267a&e=20056c7556<\/p>\n
United States: Canada Moves Forward With Mandatory Federal Security Breach Notification Law<\/p>\n
On June 18, 2015, the Canadian Minister of Industry announced that the Digital Privacy Act, which amends Canada’s foundational Personal Information Protection and Electronic Documents Act (PIPEDA), has received royal assent and is now law. Although the Act contains a number of provisions that are likely to impact organizations doing business in Canada, certain key features\u2014notably, the security breach notification requirements\u2014will not come into effect until regulations are issued by the Canadian government.<\/p>\n
Pursuant to amendments contained in the Digital Privacy Act, organizations will be required to notify the Privacy Commissioner and affected individuals of “any breach of security safeguards involving personal information under [the organization’s] control if it is reasonable in the circumstances to believe that the breach creates a real risk of significant harm to an individual.\u201d<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=f076db25e9&e=20056c7556<\/p>\n
NIST Drops Weak Dual_EC RNG From Official Recommendations<\/p>\n
NIST officially has removed the controversial and compromised Dual_EC_DRBG from its list of recommended algorithms for generating random numbers.<\/p>\n
The Dual_EC random number generator was at the center of a controversy in the security community two years ago after revelations that the National Security Agency had exerted its influence on the development of the algorithm and intentionally weakened it to allow the agency to access communications protected by products that use Dual_EC. The random number generator later was included in the RSA BSAFE crypto library as the default algorithm. The BSAFE library is used in a long list of encryption products.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ef6b2110ee&e=20056c7556<\/p>\n
Famed Security Researcher Mudge Leaves Google<\/p>\n
Peiter Zatko, a respected computer security researcher better known by the nickname Mudge, says he\u2019s leaving his job at Google to explore ways to help U.S. government make software more secure.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=93451c9198&e=20056c7556<\/p>\n
Study: Click-fraud malware often leads to more dire infections<\/p>\n
Damballa warned in a \u201cState of Infections Report\u201d that seemingly low-risk click-fraud malware could lead to further infections of more sinister threats, such as ransomware<\/p>\n
In the report’s RuthlessTreeMafia group example, a victim was infected with click-fraud malware through a phishing email. Once infected with this initial malware \u2014 the group used Asprox \u2014 the malware’s Command and Control (C&C) server then updated the impacted device with additional malware. One was a rootkit and the other a click-fraud installer.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ed4cabdda2&e=20056c7556<\/p>\n
Zeus and SpyEye banking malware gang arrested in Ukraine<\/p>\n
Europol has triumphantly reported the arrest of five suspects accused of being key members of the gang behind the notorious Zeus\/SpyEye malware used to attack countless of online bank accounts in the last five years.<\/p>\n
In a statement, the organisation said that the unnamed individuals had been picked up at four cities in Ukraine on 18 and 19 June after an intensive Belgian and Austrian investigation stretching back to 2013.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d51f607428&e=20056c7556<\/p>\n
Government seeks to boost security of telco infrastructure<\/p>\n
The Telecommunications and Other Legislation Amendment Bill 2015 (PDF) will amend the Telecommunications Act 1997 to strengthen the current framework for managing national security risks to Australia\u2019s telecommunications networks.<\/p>\n
That framework would include an obligation to protect infrastructure and data passing through it, compel industry to provide the government with information to assess national security risks to telco infrastructure and a penalty regime to include compliance.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=16a414ef7a&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If someone forwarded this email to you and you want to be added in,
\nplease click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=b705367136)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage2.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] Apart from the reporter’s opinions \ud83d\ude09 So onto the news: Hackers Still Going Hard After Banks – But Employees Are Now Prized Targets According to a new study released by Raytheon\/Websense, summarized here in this article published in…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1105","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1105","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1105"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1105\/revisions"}],"predecessor-version":[{"id":3592,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1105\/revisions\/3592"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1105"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1105"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1105"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}