Friday Five: 4/8 Edition

by Ellen Zhang on Thursday October 13, 2016

Happy Friday! Catch up on the top infosec headlines with our weekly news roundup.

1. Panama Papers Leak Casts Light on a Law Firm Founded on Secrecy by Kirk Semple, Azam Ahmed, and Eric Lipton

This week, hackers leaked millions of sensitive documents from one of the most guarded law firms in the world. Headquartered in Panama, long known as the capital of offshore banking, Mossack Fonseca prided itself on privacy. However, the leak exposed corruption by some of the world’s wealthiest and most influential people, resulting in the resignation of Iceland’s prime minister and criminal investigations on at least two continents. Fonseca, who was previously linked to political corruption in Brazil, denies responsibility for the shell companies his firm creates and feels that the firm has been robbed of the privacy its clients deserve. The effect of the leak has rolled over to other sectors of Panama’s economy and has law firms on their toes. Read the full article for more information about the Panama Papers leak.

2. Forget Apple vs. the FBI: WhatsApp Just Switched on Encryption for a Billion People by Cade Metz

Good news for WhatsApp users: Founders Brian Acton and Jan Koum’s two-year-long collaboration with cryptographer extraordinaire “Moxie Marlinspike” has resulted in end-to-end encryption on all forms of communication. Whether it be a message, phone call, photo or video, your data will be secure. The project started in 2013 but didn’t take off until the three met serendipitously through one of WhatsApp’s engineers. They shared the idea of bringing private conversations and private speech back to individuals. With the support of Silicon Valley’s general belief in the value of encryption, WhatsApp’s prolific reach of some billion users will now play a huge part in the clash between law enforcement and communications privacy. Follow WhatsApp’s journey to encryption with the full article on Wired.

3. MedStar Hit With Samsam Ransomware: Source by Doug Olenick

On Wednesday the news broke that an IT outage at MedStar Health hospital group late last month was indeed caused by a ransomware attack. According to an Associated Press source familiar with the investigation, the attack used the samsam/Samas ransomware strain and compromised the hospitals’ network by exploiting a misconfiguration vulnerability in a JBoss application server. The network outage at MedStar was first reported in late March, but it wasn’t until this week that suspicions that this was yet another ransomware attack on a hospital were confirmed. As of April 5, MedStar’s systems have reportedly been restored, but an FBI investigation into the incident is still in progress. Read the article for more on the latest healthcare ransomware attack.

4. Hackers Breach Law Firms, Including Cravath and Weil Gotshal by Nicole Hong and Robin Sidel

It seems that law firms are back in cybercriminals’ crosshairs. Just days before the Panama Papers leak was disclosed, hacking attacks and potential data breaches were announced at major U.S. law firms Cravath Swaine & Moore LLP and Weil Gotshal & Manges LLP, among others. The Manhattan U.S. attorney’s office and FBI are currently investigating the attacks, which are believed to have targeted data that could be used in insider trading schemes. It has not been disclosed whether the attackers were successful in stealing any data, but given the typical clients of the victim law firms – multinational corporations and Wall Street banks, in particular – the motive for targeting these firms seems pretty clear. Read the article for more on this hacking attack against U.S. law firms.

5. Locky Variant Changes C2 Communication, Found in Nuclear EK by Tom Spring

New variants of Locky, a strain of ransomware that has recently been used in multiple attacks targeting businesses, were discovered by security researchers this week. The latest versions of Locky have been updated to better hide the ransomware dropper’s communications with external servers used to deliver Locky. The researchers behind this discovery also found that Locky has been included in the popular Nuclear Exploit Kit. The latter discovery marks a new delivery method for Locky, which until recently has primarily relied on email phishing/spam campaigns to propagate. Read the article for more on the latest developments of Locky.

Tags:  Security News
