ICYMI: 2017 predictions; Post-Brexit; Trusting employees; Card Phish scam; WhatsApp delivers malware
ICYMI: 2017 predictions; Post-Brexit; Trusting employees; Card Phish scam; WhatsApp delivers malware

Cyber-security industry 2017 predictions: reaching the tipping point

SC's Roi Perez sifts through a mountain of predictions for cyber-security in 2017 to pick out recurrent trends, specific predictions and warnings as to where we need to prioritise our defences in the year ahead.

2016 was quite a year for cyber-security. With cloud services becoming near ubiquitous, unsecured Internet of Things devices delivering on their threat of being a major security headache, autonomous cars gaining frontpage coverage thanks Tesla and the changing face of business and consumer technology, it's safe to say that criminals are basking in the glory of an ever-growing attack surface on which lays the next bitcoin-shaped pay slip for those with more daring than moral scruples. More... 

Data protection: What next after Brexit?

Leaving the EU is a two-year process, so the UK will still be a member when the update to the EU General Data Protection Regulation (GDPR) comes into force in May 2018.  Some things are already clear. For example, even if the UK does makes changes to its implementation of GDPR following Brexit, companies that do business in Europe will still have to comply with EU data protection rules. More...

Employees put organisations at risk by being too trusting

New research from Avecto discovered that office workers are putting organisations at risk by being too trusting of online scammers. The company polled 1,000 people whose jobs require that they use the internet on a daily basis.

Nearly two-thirds (65 percent) of workers would be wary of clicking a link in an email from an unknown sender, but if that email appeared to be from a colleague, supplier or friend, over 68 percent would have no concerns about downloading content or clicking on the links.More...

Criminals phish credit card numbers with "Twitter verification" scam

Criminals are using the promise of verified accounts on social media to lure users into a credit card phishing scheme. According to research by Proofpoint, attackers are placing legitimate ads targeting brand managers and influencers with a link to a phishing site purporting to offer account verification. Usually, account verification on social networks such as Twitter, involves multiple verification steps for "accounts of public interest".

The IT security firm said that the promise of a quick verification process is attractive, especially to smaller businesses that potentially lack the resources to meet Twitter's requirements for account verification. More...

Mobile malware disguised as Microsoft docs spread via WhatsApp

Mobile malware was spotted targeting WhatsApp users in India through messages claiming to be from government agencies. Two malicious files named "NDA-ranked-8th-toughest-College-in-the-world-to-get-into.xls" and "NIA-selection-order-.xls" are purportedly from the National Defence Academy (NDA) and National Investigation Agency (NIA), according to the Economic Times of India.

Central security agencies in the country said it appears the malware is targeting defence, paramilitary and police forces. More...