The most important story of the week was the one about a fake Whatsapp application found in Google Play store that tricked over a million of users into downloading it. Let’s find out what happened in cyber security industry this week in our weekly security roundup. Grab your coffee or tea and read the news!
We begin our roundup with Whatsapp, as we know it’s one of the most popular and used app out there. Be careful on what you download from Google Play! This scam Whatsapp app was first spotted by Reddit users and was called “Update WhatsApp Messenger”. It appears that the bad guys chose a smart trick to deceive inexperienced app users into downloading it. The app was listed as a product of WhatsApp Inc., which is known to be the real developer of the favorite app.
News about new ransomware emerging don’t seem to stop anytime soon. According to security researchers, new variant of the Crysis/Dharma ransomware has been released. This his new version will append the .cobra extension to encrypted files. It is not known exactly how this variant is being distributed.
New information about Equifax come to light. The company claimed that four top executives did not know about the worst data breach in Equifax history when they collectively sold about $1.8 million worth of shares.
Women in cyber security. If you’re passionate about cyber security, this story might inspire you to follow your path in this industry. Lisa Bobbit from Cisco share her experience and gives insightful recommendations on how she succeeded and fall into cyber security.
According to a new research that surveyed 913 IT security professionals, it found out that 18 percent of them still use a paper-based logbook to manage privileged accounts. These findings are significant considering that privileged accounts provide unlimited access to essential IT infrastructure and a company’s most critical and sensitive systems and data.
Here’s another interesting research! A study of dark web markets by Google in partnership with the University of California at Berkeley has found millions of usernames and passwords that were stolen directly through attacks, and billions of usernames and passwords indirectly exposed in third-party data breaches.
Is something safe this days on the Internet? A total of 2,531 of the top 3 million websites (1 in 1,000) are running the Coin Hive miner, according to new stats from analytics firm Red Volcano.
Hackers have been exploiting a vulnerability found in Microsoft’s software to install malware on business computers. Security researchers discovered that a Russia-linked hacking group known as APT28 have been using a Microsoft protocol called Dynamic Data Exchange (DDE) to run malicious code through a poisoned Word document.
According to a new study, 43 percent of consumers in the US and 46 percent in the UK say they have ‘no idea what AI is about.’ The majority of respondents are optimistic about the potential for AI to manage both personal and professional tasks. However, the data shows the need for more education on the new opportunities AI can create to increase productivity and help build businesses.
Hackers use various methods to gain access and hijack users’ accounts. Research found that phishing is a greater threat to users than keyloggers and third-party breaches. In terms of numbers, researchers have identified 788,000 potential victims of keyloggers; 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches. More findings in the article.