|
||
1) Russia's
Fancy Bear APT Group Gets More Dangerous – Fancy
Bear, the Russian advanced persistent threat group associated with the
infamous intrusion at the Democratic National Committee last year among
numerous other break-ins, may have become just a little bit more dangerous. Encryption and code refreshes to group's
main attack tool have made it stealthier and harder to stop, ESET says. The fourth and latest version of
the malware comes with new techniques for obfuscating strings and all
run-time type information. The techniques, according to ESET, have significantly
improved the malware's encryption abilities. The Fancy Bear/Sednit group also
has upgraded some of the code used for command and control (C&C) purposes
and added a new domain generation algorithm (DGA) feature for quickly
creating fallback C&C domains.
2) Cybersecurity:
A priority area for the Indian Government - India’s
rapid transition towards digital economy coupled with national projects like
Digital India, Smart Cities, National Broadband Network and so on are
altering the digital landscape rapidly with direct impact on governance,
transparency, and accountability. With
the drive towards a digital economy, a large amount of consumer and citizen
data will be stored digitally, and many transactions will be carried out
online, by individuals, companies, as well as government departments. This
rapid change towards a digital environment has brought to fore the challenges
of certain security risks and concerns, particularly to human and nation’s
cybersecurity.
3) Comprehensive
Endpoint Protection Requires the Right Cyber Threat Intelligence
- A recent report from Grand View Research predicts that the cyber threat
intelligence (CTI) market will reach $12.6 billion by 2025. This growth in
demand isn't surprising when you consider the ongoing success of so many
high-profile and extremely damaging attacks. This climate of increasingly
sophisticated breaches has moved many organizations — particularly, those
that handle and retain sensitive data — to upgrade their cybersecurity
measures by adding CTI and incident forensics. CTI falls into three main categories -- tactical, operational, and
strategic -- and answers questions related to the "who, what, and
why" of a cyber-attack.
4) Fileless
Malware Attacks Hit Milestone in 2017 -
Fileless malware attacks using PowerShell or Windows Management
Instrumentation (WMI) tools accounted for 52% of all attacks this year,
beating out malware-based attacks for the first time, according to Carbon
Black's 2017 Threat Report. Non-malware
attacks account for the majority of all attacks this year, and ransomware
grows to a $5 billion industry, new data shows. Kryptik, Strictor, Nemucod, Emotet, and Skeeyah were the five top
malware families this year, according to the report. And the top three industries hit this year by
malware authors included finance, healthcare, and retail.
5) Google
Sheds Light on Data Encryption Practices - Google
explains the details of how it secures information in the cloud and encrypts
data in transit. Following a year of major cyberattacks and security threats,
Google has published two whitepapers to explain how it secures data. One
focuses on encryption of data in transit; the other on service-to-service
communication using Application Layer Transport Security (ALTS).
6) What's
next for cybersecurity in 2018? - We live in a world that is networked
together, where companies rely on networked systems and their data is stored
in the cloud. The year 2018 will bring
more connectivity, digital transformation initiatives, and data to companies,
along with a number of new cybersecurity threats and landscape changes
making cybersecurity one of the most crucial issues that need to be addressed
in the present scenario.
7) CROOKS
SWITCH FROM RANSOMWARE TO CRYPTOCURRENCY MINING
- Criminals behind the VenusLocker ransomware have switched to cryptocurrency
mining in their latest campaign targeting computer users in South Korea.
Instead of attempting to infect targeted computers with ransomware, the group is now trying to install
malware on PCs that mines for Monero, an open-source cryptocurrency.
Researchers said the shift by threat actors is also spurred by
anti-ransomware mitigation efforts that have made infecting systems with
malware harder.
8) Digital
Transformation Emboldens Cyber Adversaries—Can Cybersecurity Keep Up? - Businesses are accelerating their
digital transformation, seeking to leverage their online presence to enrich
products, deepen customer relationships, and boost their brand ecosystems.
However, with this rapid growth comes difficulty. As organizations expand
into digital channels, their digital footprint, i.e., all their
external-facing assets including websites, email servers, social landing
pages, and pages created outside proper protocol, also expands to potentially
unmanageable proportions.
9) The
Internet of Things Is Going to Change Everything About Cybersecurity
- Cybersecurity can cause organizational migraines. In 2016, breaches cost
businesses nearly $4 billion and exposed an average of 24,000 records per
incident. In 2017, the number of breaches is anticipated to rise by 36%. The
constant drumbeat of threats and attacks is becoming so mainstream that
businesses are expected to invest more than $93 billion in cyber defenses by
2018. Even Congress is acting more quickly to pass laws that will — hopefully
— improve the situation. Despite
increased spending and innovation in the cybersecurity market, there is every
indication that the situation will only worsen. The number of unmanaged
devices being introduced onto networks daily is increasing by orders of
magnitude, with Gartner predicting there will be 20 billion in use by 2020.
10) How
AI is the Future of Cybersecurity - The frightening truth about
increasingly common cyber-attacks is that most businesses and the
cybersecurity industry itself is not prepared. Beyond the lack of
preparedness on the business level, the
cybersecurity workforce itself is also having an incredibly hard time keeping
up with demand. By 2021, there are estimated to be an astounding 3.5
million unfilled cybersecurity positions worldwide.
|
||
|
Weekly blog that sums up the interesting Cyber Security developments of the past week.
Tuesday, December 26, 2017
iNews - Around The World This Week
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment