Top 7 Cybersecurity Stories This Week 03-10-2017
Russian hackers are targeting U.S. progressive groups in a new wave of attacks, sourcing the organization's emails for embarrassing details and attempting to extract high money, according to two people familiar with probes currently being conducted by the FBI and private security firms. Read more.
WikiLeaks published thousands of documents Tuesday morning it described as the CIA's hacking arsenal, a document dump the website called the "largest ever publication of confidential documents on the agency." The website posted 8,671 documents/files online from what it claims is the CIA's Center for Cyber Intelligence, detailing the spy agency's hacking techniques. The material dates back from 2013 to 2016, with documents concerning malware, viruses, security zero days and several hundred million lines of code. Read more.
Researchers at Kaspersky Lab today detailed a new family of data-wiping malware that uses more advanced methods of hiding and evading detection. The malware, dubbed StoneDrill, has possible ties to the attack group behind the infamous Shamoon data-wiping malware. Researchers have also discovered that "Shamoon 2.0" also has a new feature in its weapon cache: a ransomware component. Read more.
The ratings groups will begin to consider products' cybersecurity following a rise in attacks on IoT devices. The nonprofit, which reviews everything from cars to appliances, has worked with several organizations to develop methods for evaluating how vulnerable a product is to hacking and how securely data it collects is stored. Read more.
A supposedly secure chat app popular with White House staffers contained serious security flaws, according to a new report. According to CNN, "Researchers discovered several ‘critical’ security vulnerabilities in some versions of Confide, an app that has gained popularity following reports that federal employees use it to communicate and to leak information securely. White House press secretary Sean Spicer has checked aides' phones for encrypted apps including Confide." Read more.
Verifone Systems is investigating a breach of its internal networks that appears to have impacted a number of companies running its point-of-sale card terminals.Credit and debit card payments giant Verifone is investigating a breach of its internal computer networks that appears to have impacted a number of companies running its point-of-sale solutions, according to sources. Verifone says the extent of the breach was limited to its corporate network and that its payment services network was not impacted. Read more.
WikiLeaks founder Julian Assange said on Thursday his organization would provide technology companies with exclusive access to CIA hacking tools to allow them to patch software flaws. According to USA Today, "Assange said the website hasn't published the weapons themselves because it doesn't want "journalists and people of the world, our sources, being hacked using these weapons… The best way to avoid that is to give companies such as Apple, Google and Samsung access to the tools." Read more.