Social engineering attack: Screenshot shows recent tech-support scam page targeting U.S. users. (Source: Malware-Traffic-Analysis.net)

Threats: Social Engineering and Malicious Spam Dominate

Mathew J. Schwartz • June 22, 2017

Good news: Exploits kits are in decline, thanks to concerted efforts to disrupt their efficacy. Unfortunately, criminals are diversifying their attacks, focusing more on social engineering - including tech-support scams - and malicious spam campaigns.

Anti-Malware

Euro Cops Cuff Suspected Payment Card Fraudsters

Latest

Anti-Malware

Microsoft Defends AV Handling After Kaspersky Antitrust Lawsuits

Jeremy Kirk • June 22, 2017

Microsoft has sought to get in front of a brewing controversy over whether it unfairly disables third-party anti-virus products in Windows 10. The company is seeking to dampen charges that are reminiscent of its years-long legal tangles with global antitrust regulators.

Cybersecurity

Intelligence Panel Learns How to Hack Air-Gapped Voting Systems

Eric Chabrow • June 21, 2017

Hackers can breach air-gapped voting machines and tallying systems in an attempt to alter ballots to sway the outcome of an election, a Senate panel has learned. Also, at the hearing, DHS discloses that Russian hackers targeted 21 state election systems before the 2016 election.

Encryption

Crypto in Europe: Battle Lines Drawn

Mathew J. Schwartz • June 21, 2017

The European Parliament and European Commission are pushing for mandatory end-to-end encrypted communications, and banning backdoors, as part of the EU's rebooted e-privacy regulation. But the move runs counter to anti-crypto rhetoric being spouted by government ministers in Britain and France.

Anti-Malware

Honda Hit by WannaCry

Mathew J. Schwartz • June 21, 2017

One month after the SMB-targeting WannaCry worm outbreak began spreading globally, Honda discovered fresh infections at multiple facilities, and was forced to temporarily idle one plant as a result of the ransomware.

Data Loss

198 Million US Voter Records Left Online For Two Weeks

Jeremy Kirk • June 20, 2017

A data analytics firm aligned with the Republican Party says it accepts "full responsibility" after it exposed online a list that includes virtually all U.S. voter registration records along with extensive research that attempts to guess people's political views.

Anti-Malware

'Eulogizing' Neutrino Exploit Kit

Eric Chabrow • June 20, 2017

Writing the obituary for the lifeless Neutrino exploit kit leads the latest edition of the ISMG Security Report. Also, judging the value of the Department of Health and Human Services' wall-of-shame website of healthcare sector breaches.

Forensics

Making Forensic Investigations More Fruitful

Marianne Kolbasuk McGee • June 20, 2017

Organizations can take steps in advance to help ensure that forensic investigations into data breaches and cyberattacks are successful, says security expert John "Drew" Hamilton, a professor at Mississippi State University.

Breach Preparedness

Leak Reveals CIA 'CherryBlossom' Program Targeting Routers

Mathew J. Schwartz • June 19, 2017

A new dump from WikiLeaks has revealed an apparent CIA project - code named "CherryBlossom" - that since 2007 has used customized, Linux-based firmware covertly installed on business and home routers to monitor internet traffic and exploit targets' devices.

Breach Response

How WannaCry Survives

Eric Chabrow • June 16, 2017

The CEO of the company that crippled WannaCry's ransomware component explains to Congress how the worm continues to attack unpatched systems at increasing rates. Also, creating a healthcare cybersecurity framework.

Anti-Malware

Neutrino Exploit Kit: No Signs of Life

Mathew J. Schwartz • June 15, 2017

Good news: The Neutrino exploit kit - once a major exploit kit player - appears to have disappeared from the cybercrime scene. While it's unclear if Neutrino is gone for good, rivals have already filled any gaps in the market.

Anti-Malware

Two New Ransomware Decryptors Give Victims a Free Out

Mathew J. Schwartz • June 15, 2017

Victims of Jaff and EncrypTile ransomware can take advantage of two new free tools from security firms that exploit weaknesses in the malware crypto to forcibly crack encrypted files on demand - no potential ransom-payment required.

Cybersecurity

Report: Election Systems' Hacks Far Greater Than First Realized

Eric Chabrow • June 13, 2017

Russian hackers struck election systems in almost twice as many states as previously reported, according to a news report. The breaches could undermine confidence in the election process, one cybersecurity expert warns.