We are officially in December, how time flies. However the news just keeps on coming, so let’s get to it.
- First story of the week brings us news of a breach of the San Francisco Rail System. The system was hit with ransomware, and message appeared on all the muni terminals saying the systems were hacked and the data was encrypted.
- Read More @ https://krebsonsecurity.com/2016/11/san-francisco-rail-system-hacker-hacked/
- Read More @ http://thehackernews.com/2016/11/firefox-tor-exploit.html
- Next, some good news as the Avalance’ global fraud ring has been taken down. Avalanche was a cloud hosting network used by criminals for various activities and has been shut down finally after a 4 year long investigation and a combined effort by law enforcement.
- Read More @ https://krebsonsecurity.com/2016/12/avalanche-global-fraud-ring-dismantled/
- Next, an interesting article in which the Kevin Mandia of Mandiant, details some of the ways that the Russian state sponsored hacking tactics have changed int he past 2 years or two. It’s an interesting shift in approach that has surprised many, Mandia included.
- Read More @ http://www.darkreading.com/threat-intelligence/mandia-russian-state-hackers-changed-the-game-/d/d-id/1327616
- With IOT in the spotlight in recent weeks due to the Mirai botnet, here is a good article that looks at the top 10 most vulnerable IoT targets. Interesting read.
- Read More @ http://www.ioti.com/security/10-most-vulnerable-iot-security-targets
- Next, another article that takes a look at the short supply of cyber security talent around the world. This story also goes a bit more in depth in an attempt to explain the reasons for this. Good read.
- Read More @ http://www.geektime.com/2016/11/26/companies-are-in-short-supply-of-cyber-security-talent/
- Next, news comes in of a Nation State sponsored hack of the Japanese SDF military network. The SDF is denying that the breach happened but the source of the news was a highly rated, reliable news source “Kyodo News”. The state of the security industry in Japan is not ideal, so it would not be surprising at all if the news of the breach was accurate.
- Read More @ http://www.infosecurity-magazine.com/news/tokyo-denies-major-military-cyber/
- Recently we brought you news of the U.K bank Tesco being breached. This week, news has surfaced that it looks like Tesco ignored warnings from VISA about the vulnerability used in the breach. VISA supposedly informed the bank a year prior and yet Tesco did not remedy the vulnerability.
- Read More @ https://www.scmagazine.com/tesco-bank-allegedly-ignored-warnings-of-hack-from-visa/article/575787/
- Lastly, malware tied to a Chinese APT12 group was found attacking the Taiwanese government. This is hardly surprising given China’s interest in that part of the world, but a good read non the less.
- Read More @ http://www.infosecurity-magazine.com/news/malware-tied-china-spotted/