The local D.C. police disclosed that hackers were able to infect police surveillance cameras ahead of the Trump Inauguration. City officials said ransomware left police cameras unable to record between Jan. 12 and Jan. 15. The cyberattack affected 123 of 187 network video recorders in a closed-circuit TV system for public spaces across the city, the officials said late Friday. Read more.
Mozilla says that the average volume of encrypted internet traffic finally surpassed the average volume of unencrypted traffic. “Billions of users will start to regularly experience a web that is more encrypted than not,” says Josh Aas, the co-founder of Let’s Encrypt, an organization that’s helping millions of sites add HTTPS to their sites for free. Read more.
Malwarebytes released their annual “State of Malware” report analyzing trends in malware over the last year and making predictions for the year ahead. The report dives into how various types of malware, including ransomware, ad fraud malware and botnets have evolved and their effect on the threat landscape. Read more.
New data from the company this week shows that in 2016, Google paid some $3 million in rewards to 350 bug hunters from 50 countries who discovered more than 1,000 security vulnerabilities in Android, Chrome, and other Google products. The payout was about 50% higher than the $2 million that Google handed out in similar rewards in 2015, and double the $1.5 million it paid out in 2014. Read more.
Russian authorities have charged two former officers in the Federal Security Service and an employee of cyber security firm Kaspersky Lab with committing treason in the interests of the United States, according to a lawyer representing one of the three. It was not immediately clear what the exact alleged conduct was, though U.S. intelligence agencies have accused the FSB of hacking U.S. targets and Russia’s other agency, the GRU, of releasing information to help the election of President Trump. Read more.
Krebs on Security published a deep dive on stolen W-2s and Tax Data that scammers can buy in order file fraudulent tax returns. A cybercriminal shop on the dark web added a store that sells raw W-2 tax form data on more than 3,600 Americans, virtually all of whom apparently reside in Florida. Read more.
WordPress has revealed that last week's security update silently fixed a critical remote code execution bug. WordPress says it kept the vulnerability under wraps for a week to give millions of the popular CMS' users time to patch before cluing in attackers to this specific flaw via a public advisory. Read more.