By: Anthony Gil

Top 7 Cybersecurity Stories This Week 01-06-2017

Too busy working to keep up with cybersecurity news this week? Here’s a round-up of the top stories from the cyberscape.

Confidential Military Personnel Data Leaked

MacKeeper researcher Chris Vickery discovered a large volume of data leaked online from Potomac Healthcare Solutions, which provides services to the U.S. Army, Navy, Marine Corps, Air Force and other public sector organizations. An analysis of the files revealed that they stored names, email addresses, phone numbers, dates of birth, contract information, work locations and social security numbers of healthcare professionals working at Potomac facilities and U.S. military installations, reports SecurityWeek. Read more.

Holiday Inn Parent Company Investigating Breach

InterContinental Hotels Group (IHG), the parent company for more than 5,000 hotels worldwide including Holiday Inn, is investigating claims of a possible credit card breach at some U.S. locations. Last week, KrebsOnSecurity began hearing from sources who work in fraud prevention at different financial institutions, who said they were seeing a pattern of fraud on customer credit and debit cards that suggested a breach at some IHG properties — particularly Holiday Inn and Holiday Inn Express locations. Read more.

New Android Trojan Hijacks Routers

A new form of Android Trojan malware, dubbed "Switcher Trojan," is capable of attacking the routers controlling the wireless networks of its victims, thus leaving them vulnerable to further cyberattacks, fraud, and data theft. The malware uses unsuspecting Android device users as tools to redirect all traffic from Wi-Fi connected devices on the network into the hands of cybercriminal attackers, reports Dark Reading. Read more.

WhatsApp Targeted by Mobile Malware Disguised as Microsoft Docs

Mobile malware was spotted targeting WhatsApp users in India through messages claiming to be from government agencies, reports SC Magazine. Two malicious files are purportedly from the National Defense Academy (NDA) and National Investigation Agency (NIA). Central security agencies in the country said it appears the malware is targeting defense, paramilitary and police forces. Read more.

Deploying Ransomware Now Illegal in California

As of January 1, the delivery of ransomware is illegal in California thanks to Senate Bill 1137 going into effect. The maximum penalty for ransomware usage will be four years in state prison, reports Ars Technica. Read more.

FBI's CMS Allegedly Hacked

FBI’s content management system has been hacked by CyberZeist, who also managed to get access to more than 150 logins, including email addresses and encrypted passwords. According to Softpedia, the hacker says that the site was hosted in a VM and this blocked him from getting root access, but he anyway managed to retrieve some server information, including software info and the most recent reboot. Read more.

Russian Malware Found in Ransomware Targets Power Companies

A malware variant previously linked to a hacking group with alleged ties to Russian intelligence has been transformed into a ransomware virus that is now infecting industrial control systems like those found in power plants and water treatment facilities, reports security firm CyberX. Read more.

 

Learn more about Zscaler.