January 29, 2016
This week saw a point-of-sale breach at Wendy's, an employee data breach at the University of Virginia, and a healthcare breach at Centene Corporation, as well as attacks against the Irish National Lottery Website and aerospace parts manufacturer FACC, which resulted in $55 million being stolen. On the advisory side, a new strain of ransomware not only encrypts files, but also disables some keyboard functions, and new reports were issued around healthcare breaches, malicious ads, and phishing. On the legal front, the House Committee on Oversight and Reform is asking 24 federal agencies about the recent backdoor in Juniper Networks ScreenOS software, and several class action lawsuits and settlements came to an end. Plus, a new smart doorbell makes it easy for crooks to steal homeowners' Wi-Fi passwords.
January 22, 2016
Asda Supermarket led the week's trending cybercrime targets after a researcher published details of a website bug he discovered in 2014. The Crackas With Attitude continued to target government officials, and several health service providers announced data breaches. Trending cybercrime advisories include tax season fraud, advertising fraud, more malvertising, and password manager phishing attacks. The legal side saw a busy week with the Supreme Court ruling on class action lawsuits, one company suing its cyber insurance provider, and another company suing its cybersecurity vendor. And with a new year comes a new list of the most common (and worst) passwords.
January 15, 2016
Director of National Intelligence James Clapper was the latest victim of the "Crackas With Attitude" hacker group as several of his personal accounts were compromised. Battlefy, LifeSafer and Indiana University Health Arnett rounded out the week's most discussed cybercrime targets. Android topped this week's list of cybercrime advisories followed by WhatsApp and Microsoft. And encryption, new cybercrime laws, and legal developments related to the St. Louis Cardinals and the DD4BC extortion group were among the top legal stories.
SurfWatch Labs is ringing in the new year with a new name, a new format, and a whole new podcast! Stay tuned to the SurfWatch Cyber Risk Roundup for a weekly recap of everything related to cybercrime, and be sure to check out our Cyber Chat podcast for weekly interviews with cyber experts. Our first guest is Dan Holden, director of ASERT, Arbor's Security Engineering and Response Team, and we discuss the politics and cyber implications around the utility cyber-attack in Western Ukraine that left 80,000 people without power for six hours. Check out that podcast here: http://cyberchat.podbean.com/