Yahoo Admits Some Employees Knew of Massive Hack in 2014*:
- Yahoo admitted that not long after a hack in 2014 some of its employees were aware a state-sponsored hacker had breached its network.
- The revelation is sure to cast a larger shadow over Verizon's $4.8 billion deal to acquire the company.
- The company said at the time that it discovered the massive intrusion after a hacker claimed in August to have snatched 200 million Yahoo usernames and passwords in an earlier hack.
- Yahoo filing with the US Securities and Exchange Commission revealed that at least some people within the company were aware of the intrusion in 2014.
- The massive hack was allegedly uncovered a month after Verizon announced plans to acquire Yahoo for $4.83 billion and merge it with AOL.
- The hacking revelations led to questions that could affect the acquisition; some noting that Verizon might not have offered as much money or made a bid for Yahoo at all had it known about the attack earlier.
- Yahoo declined to comment beyond its filing, citing its ongoing investigation.
*Source: CNET, November 09, 2016
UK Bank Suspends Online Payments After Fraud Hits 20,000 Accounts*:
- The banking arm of U.K. supermarket chain Tesco has suspended online payments for its 136,000 checking account customers following a spate of fraudulent transactions.
- The bank suspended its payment service for all checking account customers after 40,000 experienced suspicious transactions.
- The bank will bear any losses as a result of the fraudulent activity and customers are not at financial risk.
- Customers will still be able to use the online banking service and make card payments in stores.
- The bank began sending text messages to customers, alerting them to the problem and inviting them to call for further information.
- The U.K.'s National Crime Agency, which hosts the country's national cybercrime unit, said it is coordinating law enforcement response to what it described as "the Tesco Bank data breach."
- The bank uses the 3D secure standard, also known as Verified by Visa or MasterCard SecureCode, to authenticate online payments.
- This requires customers to provide a password other than their four-digit PIN or the three-digit CVV printed on the reverse of their cards in order to complete online payments.
- The losses could be due to a compromise of Tesco Bank's online banking system, or a malware infection on bank clients' PCs or mobile devices, spread through targeted spear-phishing attacks or a social engineering campaign.
*Source: CSO online, November 07, 2016
German Cabinet Approves Cyber Security Strategy*:
- Germany's cabinet has approved a new cyber security strategy amid a growing number of attacks.
- The strategy calls for the creation of a mobile Quick Reaction Force housed within the Federal Office for Information Security (BSI), as well as similar teams within the federal police and domestic intelligence agency that are able to respond to cyber threats against government institutions and critical infrastructure.
- Germany's Cyber Defense Center will fall under the authority of the Interior Ministry, which will seek to foster inter-agency coordination and cooperation.
- The government wants to build up awareness and support for businesses and expects them to take active measures to protect against cyber threats.
- Another part of the strategy promotes raising awareness among the population, including advocating for the use of encryption and security labels for IT products.
- According to a BSI report, there are a growing number of sophisticated malware targeting IT systems in Germany for which existing anti-virus programs are inadequate.
- Many of the cyber-attacks are so-called ransomware that block computers or steal data in order to extort ransom payments.
- Interior Minister Thomas de Maziere said that an increasing number of cyber-attacks originate from outside Germany's borders, mainly directed from China and Russia.
*Source: DW, November 09, 2016
Locky Targets OPM Breach Victims*:
- A phishing campaign pushing Locky ransomware is targeting some of the 22 million victims of the massive United States Office of Personnel Management breaches of 2014 and 2015.
- Attackers are using phishing messages that warn targets that the OPM has detected “suspicious movements” in their bank accounts.
- The email goes onto ask recipients to “examine the attached scanned record.”
- The ransomware was used to target hospitals starting with Hollywood Presbyterian Medical Center in Los Angeles, which paid a $17,000 ransom, and this summer was spread by the ‘Necurs botnet’.
- According to a Check Point analysis of Locky, researchers have documented at least 10 different Locky downloader variants.
- User education and the bolstering of incident response practices can give organizations the edge over threat actors.
*Source: Threat Post, November 09, 2016
What Will ‘Law and Order President’ Mean for Encryption, Surveillance of Citizens?*:
- Donald Trump's surprise election victory has alarmed technology companies and civil libertarians fearful that a self-described 'law and order' president will attempt to expand surveillance programs and re-join a long running battle over government access to encrypted information.
- Trump's campaign featured numerous broadsides against the tech sector, including calls for closing off parts of the internet to limit militant Islamist propaganda and urging a boycott of Apple products over the company's refusal to help the FBI unlock an iPhone associated with last year's San Bernardino, California shootings.
- Trump has also threatened antitrust action against Amazon.com and demanded that tech companies such as Apple build their products in the United States.
- The battle over encryption, which dates to the 1990s, could heat up quickly with Trump's win and the re-election of Republican Senator Richard Burr, the chairman of the Senate intelligence committee.
- Burr spearheaded a failed effort last year to pass legislation requiring that companies build ‘back doors’ into their products that would allow the government to bypass encryption.
- Such requirements are fiercely opposed by the tech industry, which argues that back doors weaken security for everyone and that the government has no business mandating tech product design.
- WhatsApp would be "extremely vocal" against any such effort, as it "would damage the reputation of American companies in the global arena."
- WhatsApp rolled out encrypted messages and phone calls on the service earlier this year.
- A Trump campaign spokeswoman did not respond to a request for comment about the President-elect's encryption or surveillance policies.
*Source: NBC news, November 10, 2016
Softbank and Zimperium to Offer Security Solutions for Mobile Devices in Japan*:
- SoftBank Corp. and US-based Zimperium, Inc. announced an agreement with SoftBank to offer Zimperium's AI-powered security solution for mobile devices in Japan.
- SoftBank also plans to propose additional security services to enterprise customers in the future.
- With the spread of mobile internet, a great variety of services like electronic payments and online storage can be used conveniently by individuals and enterprises.
- At the same time, unknown malware and cyber-attack methods that target personal data and confidential, company information has grown rapidly, making it more difficult to protect data with standard OS features.
- Zimperium's mobile security solution incorporates an AI-powered threat detection engine that is built to detect both known and unknown threats.
- The company offers a wide range of products for enterprises and end-users, including security solutions for smartphones, security-conscious software development kits for fintech apps and other categories, and tools for companies to collectively manage the security of multiple devices.
- SoftBank and Zimperium will work to provide security solutions for mobile devices so customers can use the mobile Internet with even greater safety and security.
*Source: PR newswire, November 10, 2016