More than half of major malware attack’s victims are industrial targets
“Petya intended effects examined”
Kaspersky Labs has released a new report with some grand insights in the Petya malware attack. First appearing as a widespread ransomware attack, it became clear later into the ordeal that the spread was more intended for destruction rather than financial gain. Kaspersky reported specifically that financial sectors were the most affected, as well as manufacturing or oil mechanisms.
Hacking Factory Robot Arms for Sabotage, Fun & Profit
“Could open a new world of ‘Subtle Blackmail'”
Black Hat talk will discuss how cybercriminals could manipulate robotic arms and create defects in vital products. Security researchers have been accumulating cache’s of big discoveries about IIoT vulnerabilities, and Black Hat is planning on continuing their release to raise awareness of critical flaws in infrastructure, power grids, and gas pipeline controls.
General Data Protection Regulation (GDPR) requirements, deadlines and facts
“EU legislation lowdown”
GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states, and non-compliance could cost companies dearly. This article details what every company that does business in Europe needs to know about GDPR.
Online fraud costs public billions but is still not a police priority, says watchdog
“Policing institutions not enforcing rules effectively”
The National Audit Office has claimed that various policing and regulatory agencies were insufficiently addressing the issue of online fraud. The NAO says that for most police forces the incidents are: “not yet a priority” and the problem had been overlooked by government, law enforcement and industry.
Vulnerabe IBM Code Pulled After Insistence From Security Experts
“Potential to affect several versions of WebSphere”
A researcher who was able to successfully exploit a proof of concept code able to affect WebSphere versions 7, 8, 8.5, and 9 was censored without major damages occurring. Maurizio Aggazini was cooperating with IBM to responsibly patch and censor vulnerabilities experienced in the firm’s products. These include the deserialization of untrusted data sources, causing DoS issues and allowing re,ote execution of hacking.
Half of Androids Able to be Compromised to Seemingly Outdated Malware
“Ghost Push capable on infecting Androids up to version 5”
A fairly dated yet successful malware program known as Ghost Push is reportedly still one of the most widely effective software’s used to exploit unsuspecting users. Cheetah Mobile experts say that the majority of the infections are received from application downloads not installed through the Google Play store. The Trojan program is capable of preventing third parties from gaining root privilege.
UK Firms Could Face Huge Increase in Data Breach Fines in 2018
“New EU legislations could enact harsh penalties”
PCI Security Standards Council is recommending technology companies to bypass extremely increased costs of fines that new legislation from the European Union is poised to enact. In 2015 90% of large scale firms and 74% of SME’s had reported at least one security breach, reaching just about 1.4 billion pounds worth of consumer protection fines. The EU General Data Protection Regulation is set to put harsher regulations into place that will affect firms that will instill penalties of up to €20m.
Hackers Successfully Infiltrate Senate GOP Committee
“Accelerates fears of security vulnerabilities”
While news reports of Democratic Party server hacks run rampant through the press, Republicans have been hit with a particularly devastating cyberattack by Russian operatives. For the last six months, cybercriminals have allegedly been siphoning credit card information from customers in the web storefront of the National Republican Senatorial Committee, selling the data in the black market.