This Week in Security News

9.25.2015

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.

Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!

 

A Malicious Code has Slipped into Nearly 40 iOS Apps

The recent news that the malicious code XcodeGhost made it into nearly 40 iOS apps and thus out to hundreds of millions of iPhone and iPad users is a watershed moment that calls into question the viability of “trust us, we’ve got it covered” as the sole means of protecting iOS users. 

It’s Been 1 Year Since Shellshock

One year after Shellshock, the panic has subsided, but the threat goes on living. Attacks related to Shellshock continue to plague our digital world. We have seen 50 attacks on our honeypots and customer systems in the past 15 days alone.

OPM Says 5.6 Million Fingerprints Were Stolen in Cyberattack

One of the scariest parts of the massive cybersecurity breaches at the Office of Personnel Management just got worse: The agency now says 5.6 million people’s fingerprints were stolen as part of the hacks. That’s more than five times the 1.1 million government officials estimated when the cyberattacks were initially disclosed over the summer.

The Philippines has Created a National Cybersecurity Body

Philippine President Benigno S. Aquino III has formed the National Cybersecurity Inter-Agency Committee that will assess the vulnerabilities of the country’s cybersecurity, and the Office of the Executive Secretary released Wednesday a copy of Executive Order No. 189 for the creation of the committee. 

Credit and Debit Card Data Breach Incidents Have Increased 169% in the Past 5 Years

We’ve taken 10 years of information on data breaches in the U.S. from the California-based Privacy Rights Clearinghouse (PRC) (from 2005 through 2015) and subjected it to detailed analysis to better understand the real story behind data breaches and their trends. Our report has just been released. 

The Pentagon has New Plans to Fight Cybercrime

The U.S. Department of Defense is developing a new cybersecurity framework designed to help stay one step ahead of oncoming cyber threats. According to the deputy commander of U.S. Cyber Command, the electronic system will detect vulnerabilities associated the military’s computer networks, weapons systems and installations. 

More than 2/3 of InfoSec Professionals Won’t Vote for a Presidential Candidate Who Doesn’t have a Strong Cybersecurity Policy

When asked in a recent survey what role cyber-security policy and regulation play in the upcoming presidential election, 54% of InfoSec Professionals said it would be a key issue. However, 32% acknowledged that while most candidates will discuss cyber-security, these discussions will be mainly rhetoric.

Ransomware has Changed Targets from Consumers to Businesses

Perpetrators behind ransomware have moved away from targeting consumers and tailored their attacks to extort small and medium-sized businesses (SMBs). These SMBs are less likely to use comprehensive backup solutions unlike in enterprises, increasing the probability of paying the ransom. 

New Report Says Federal Government has 2nd Best Cybersecurity Defenses of Any Sector

The federal government has the second-best cybersecurity defenses of any sector, following the financial industry, according to a new report. Analysis of 119 agencies by security research firm BitSight suggested that in general, federal organizations do a decent job at securing their networks against threats — even given the massive data breach at the OPM.

Does Your Favorite Presidential Candidate Make the Grade?

Where does your Presidential candidate stand on privacy? A new survey rates the candidate’s websites with early ¾ receiving a failing grade. This week, the Online Trust Alliance released a survey of all 23 Presidential Candidates. The findings are very interesting and disappointing. Only 6 of the 23 got a “passing” grade, while the remaining 17 got failing grades.

Please add your thoughts in the comments below or follow me on Twitter; @GavinDonovan.



from Trend Micro Simply Security http://ift.tt/1Mu3iD7
via IFTTT