Skip to main content

Friday Five: 9/30 Edition

by Ellen Zhang on Tuesday October 11, 2016

Contact Us
Free Demo

It’s Friday! Catch up on the top infosec headlines with our weekly news roundup.

1. How This CEO Went From Shutdown, To Shake Up, To Nearing IPO by Alison Coleman

Forbes features Digital Guardian CEO, Ken Levine, in this article on how he transformed and rebranded Verdasys into Digital Guardian. With experience in cyber security under his belt through NitroSecurity and then McAfee, Ken was intrigued with Verdasys’s technology. Taking a neglible salary ($1 at the time of his start) and having invested around $10 million to date, Ken believes that winning is only when all the other investors and employees have won as well. Now Digital Guardian, the company’s revenues have grown at 30% annually. For more on Ken’s story, read the full article on Forbes.

2. Malvertising Attack Threatens 2 Million Visitors Daily by Tara Seals, a knowledge-based website, has been infected with malvertisements. Visitors exposed to these malvertisements could be infected with ransomware without even clicking on an ad. This leaves 2 million visitors daily vulnerable. The attack uses the RIG exploit kit to drop CrypMIC ransomware by using wscript.exe to bypass certain proxies. Read the full article for more info.

3. Yahoo to be sued over mega breach by Max Metzger

Following Yahoo’s recent announcement of a huge 2014 data breach, angry customers have filed lawsuits. The suit states that if Yahoo had been more vigilant about user privacy, millions of personal data wouldn’t have been leaked. Additionally, they point out that Yahoo took too long to come forward about the breach. Users are becoming more demanding of corporate responsibility to protect data. Two other recent examples of lawsuits filed against companies that’ve suffered data breaches include Morrisons and Seagate. Though any customer considering taking legal action needs to prove that they’ve incurred direct financial loss, customer troubles on top of compliance woes and breach fines should be enough of a headache for companies to reinforce the need to be more proactive in cyber security. Head over to SC Mag for more.

4. FBI probes hacks targeting phones of Democratic Party officials: sources by Mark Hosenball

The same day U.S. Homeland Security disclosed that 18 states have asked for cyber security help with their electronic voting systems, the FBI requested to examine cell phones of Democratic Party staffers through “imaging” to search for evidence of hacking. Once again, the finger is pointed at Russia. If hackers were successful, they could’ve stolen a large variety of data from text messages, emails, photos, and contacts. Check out Reuters for more info.

5. Hackers Infect Army of Cameras, DVRs for Massive Internet by Drew Fitzgerald

KrebsOnSecurity was not the only site affected by recent DDoS attacks. French web hosting provider OVH was also among those that fell victim. Hackers used hijacked IoT devices such as security cameras and video recorders. This is just the tip of the iceberg. As homes and business buildings become “smarter”, attackers are given a larger selection of electronics to hack. Because many of these are items get plugged in and forgotten, many people neglect to update software, putting that device at risk. For more on this IoT army story, head over to the Wall Street Journal.

Tags:  Security News

Recommended Resources

The Definitive Guide to DLP

  • The seven trends that have made DLP hot again
  • How to determine the right approach for your organization
  • Making the business case to executives

The Definitive Guide to Data Classification

  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business