12 Jul 2019

US mayors group adopts resolution not to pay any more ransoms to hackers

Earlier this week, the United States Conference of Mayors took a united stance “against paying ransoms in the event of an IT security breach.” A nonbinding resolution unanimously adopted by the organization states that “paying ransomware attackers encourages continued attacks on other government systems, as perpetrators financially benefit.” The Conference

Read More
12 Jul 2019

Google defends letting human workers listen to Assistant voice conversations

In response to a report by Belgian public broadcaster VRT NWS showing that Google lets human workers listen to audio captured by Google Assistant software, the tech giant acknowledges that its language experts review 0.2 percent of all audio snippets recorded by its virtual assistant. Google justifies this practicing by

Read More
12 Jul 2019

Gone phishing: Why summer brings increased security threats to the enterprise

A new report by LastLine shows that cyber risk may be highest during the summer months, with 30.5% of respondents indicating they see more cyber threats during the summer compared to the rest of the year. However, 47.1% said they did not notice seasonal attack trends. As to the specific

Read More
12 Jul 2019

One issue is probably to blame for your IT outages and data losses – and it’s not hackers

A new survey by Databarracks identifies hardware failure as the most common cause of data loss, ahead of human error and cyberattacks. However, cyberattacks are increasingly associated with data loss compared to previous reports, while the opposite trend is true for hardware failure and human error. In fact, the report

Read More
11 Jul 2019

Agent Smith Malware Infects 25M Android Phones to Push Rogue Ads

Check Point researchers are sounding the alarm over a new strain of Android malware that has already compromised 25 million devices. The malware, referred to as Agent Smith, is capable of replacing legitimate applications with malicious copies that display rogue advertisements. The malware is delivered via seemingly benign apps on

Read More
11 Jul 2019

Industry Insight: Checking Up on Healthcare Security

New research by the Ponemon Institute and Censinet shines the spotlight on third-party risk in the healthcare industry. According to the report, the majority (56%) of healthcare organizations were at the receiving end of a data breach caused by one or multiple third-party vendors, costing the industry a total of

Read More
11 Jul 2019

Big Banks Vulnerable to Web, Mobile Attacks

ImmuniWeb researchers have found vulnerabilities in the web applications, APIs and/or mobile apps of 97 of the 100 largest financial organizations in the world, which are located across 22 countries. The report shows that 85 online banking apps where not compliant with GDPR, while 49 were not compliant with PCI

Read More
11 Jul 2019

Buhtrap Group Used Windows Zero-Day in Government Attack

Threat actors have been targeting a government institution in Eastern Europe by taking advantage of CVE-2019-1132, which is one of the two Windows zero-days fixed by Microsoft as part of this month’s Patch Tuesday, ESET researchers report. The hacking group, known as Buhtrap, abused the privilege escalation flaw in a June

Read More
11 Jul 2019

Cyber Threat Analysis Report Vol 1, Edition 7

OODA’s Cyber Threat Analysis Report provides the “so what” behind the news and events we track on a daily basis. When it comes to putting cyber news in context, there really is no substitute for experience. The context in this report is provided by one of the most highly regarded

Read More
11 Jul 2019

New Ransomware Targets QNAP’s Network-Attached Storage Devices

A new ransomware strain dubbed eCh0raix is designed to compromise network-attached storage (NAS) devices produced by QNAP Systems, researchers with Anomali have discovered. In order to compromise the devices, the threat actors crack weak passwords via automated attacks or take advantage of known security flaws. NAS devices are commonly used

Read More