Cyber Attack News, Articles and Updates

Organisations need to identify nation state attacks - but not attackers

For an enterprise security team to attempt investigate who is behind an attack is extremely complicated and time consuming, and most importantly does very little to improve the organisation's defences against further attack.

SEC issues cyber-security guidance disclosure

"Principles-based" guidance issued by the Securities and Exchange Commission (SEC) Wednesday clarifies how the commission views the disclosure responsibility of public companies that have fallen victim to a cyber-attack.

2018 Winter Olympics hit with destroyer malware during opening ceremony

Warnings that the 2018 Winter Olympic Games would be the target for hackers came true almost immediately as the Pyeongchang computer system was hit with a "destroyer" cyber-attack knocking its website and other services offline.

Baby boomers more cyber-security savvy than Gen-Z, study

Generation Z are the least ransomware savvy generation while baby boomers were more likely to accurately define ransomware and were the savviest when it comes to not forwarding emails from unknown senders.

A high-impact cyber-attack on UK likely in the next 2 years

It is a matter of "When, not if" a major cyber-attack on the UK will happen says Ciaran Martin, head of the NCSC. This statement raises the prospect of huge disruptions to the British government and critical infrastructure.

Hack of initial coin offerings leads to loss of millions in cryptocurrency

Initial coin offerings (ICO) are losing about 10 percent of all ICO funds generated to cyber-attack due to poor cyber-security as malicious actors take advantage of the absence of a centralised authority.

Proposed Pentagon plan sees nuclear response to some cyber-attacks

A massive and crippling cyber-attack upon the United States' infrastructure could elicit a nuclear response under a newly drafted strategy that has been presented to President Trump.

Cyber-attack shuts down US Regional Hospital's online system

A cyber-attack that left computer screens at Hancock Regional Hospital in Greenfield, Indiana, USA, with a ransom message for bitcoin has caused the entire network at the hospital to go offline to stop damage to data of the patients.

ICO levies £400,000 fine on Carphone Warehouse following 2015 data breach

Following a cyber-attack in 2015 that caused a data breach from one of Carphone Warehouse's computers, the company has just been given a £400,000 fine, one of the highest fines for a data-breach in the UK to date.

Ukrainian software company compromised to spread Zeus banking trojan

Cyber-criminals launched a cyber-attack using the official website of a Ukraine-based accounting software developer to distribute a new variant of Zeus over a Ukrainian holiday.

Growth in impersonation attacks greater than malware attacks

While many organisations still fear of malware being the main burden to their email cyber-resilience, the findings show only 15 percent increase in these type of email attacks compared to the last figures.

Cryptocurrency thieves steal £51 million of Bitcoin from mining platform

Hackers may have gotten away with £51 million of bitcoin after a cyber-attack hit the cryptocurrency mining platform NiceHash. The attack was highlighted on Twitter and Reddit with users saying they may lose hundreds of dollars.

Action Fraud launches 24/7 helpline to combat cyber attacks

Action Fraud, the UK's national fraud and cyber-crime reporting centre, has launched a 24/7 live cyber-attack helpline. During its pilot since October 2016, Action Fraud's 24/7 cyber-helpline received 377 reports.

'Crash' testing programme needed to achieve autonomous vehicle security

Driving the Autumn Budget - speed of introduction causes concerns over safety of autonomous vehicles, including terrorist take-over, plus where responsibility lays - user, manufacterer (hardware/software) and regulator.

Arabic, Urdu, Persian, Pashto InPage processor used by 3 malware families

An exploit in the InPage word processor program was used as an attack vector by three malware families. The word processor supports languages such as Urdu, Persian, Pashto, and Arabic.

ONI ransomware used to cover track in long-term attacks against Japanese firms

A new strain of ransomware has been used to attack Japanese firms and delete evidence, according to security researchers. Hackers made significant attempts to hide covert operations.

Attack is imminent - get "back to basics" - not just during CyberSec month

Patching and application control should be first on the list to strengthen your organisation against attack, but take a strategic approach, and don't just patch for the latest WannaCry, but for the next big attack too says Amber Boehm.

Iran is being blamed for a cyber-attack against Parliamentary emails

The 23 June 12-hour brute force hack-attack against 9,000 parliamentary email accounts, including minsters and the PM, is now being blamed on Iran.

Defence minister says Poland fended off Russian cyber-attack on businesses

Poland's defence minister reportedly disclosed that his country successfully stopped yet another Russian cyber-attack.

Malicious websites targeting Israeli institutions- TwoFace webshell link

A webshell used to harvest credentials from an unnamed Middle Eastern organisation appears to be targeting Israeli institutions and may possibly be linked to the Iranian APT group OilRig.

Avast narrows down probable location of CCleaner attacker

Avast continued to reveal further details surrounding the cyberattack that placed a backdoor in its free computer maintenance app, CCleaner. Attack believed originated from a country located in the UTC + 4 or UTC + 5 time zones.

Tier one incident expected, Government cyber-specs likely - NCSC

We can expect to see a cyber-security incident at a category one level within the next few years. The government specifying what it will buy is an effective way of changing the market - Ian Levy, technical director, NCSC

WikiLeaks homepage defaced as it dumps more CIA hacking tools

The Central Intelligence Agency can take some small comfort that as WikiLeaks was preparing for its latest dump of the spy agency's Vault7 hacking tools, a group of hackers was busy defacing WikiLeaks' homepage.

Web application attacks accounted for 73% of all incidents says report

Web application attacks accounted for 73 percent of all incidents and pure public cloud installations experienced the fewest security incidents in recent industry report.

Breaking: NHS Trust crippled by cyberattack

A malware infection on a Lincolnshire hospital has caused an NHS trust to shut down major operations across several hospitals

Researcher finds Mirai flaws that could allow counterattack on botnet

IoT botnet blamed for Dyn attack - Mirai - has several code vulnerabilities but questions are raised over legality of its use in defence.

ICYMI:PSN hacked; Russia prepares; Internet blackouts; Mirai botnet use; GDPR & Brexit

This week In Case You Missed It looks at: PSN hack on B1 launch; Russia prepares for retaliation; Blackouts from Dyn DDoS; Mirai botnets cause Dyn blackouts; Brexit confuses GDPR plans.

CIA readies itself for cyber-attack on Russia

"Covert" action against Russia planned by Obama administration says NBC report

InfoSec 2016: 3/4 experts agree working together crucial to incident response

A group of industry experts joined for a panel to discuss enterprise-wide cyber-incident response plans and proactive techniques for a rapid response and three of the four panellists agreed it's all about the people.