The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

Friday Five: 1/8 Edition



The first full week of 2016 was at no lack for security news – here’s our roundup of the top headlines from this week.

Happy Friday! As the week comes to a close, here’s a look back at the top five security news articles.

1. Hacker Cause World’s First Power Outage with Malware by Swati Khandelwal

Earlier this week, the Ukrainian energy ministry disclosed that it was investigating whether the December 23 blackout that left the Ivano-Frankivsk region of Ukraine without power was the result of a cyber attack. Soon after, Ukrainian news network TSN reported that the outage was indeed caused by malware. Researchers from ESET have identified that malware as BlackEnergy, a DDoS Trojan that was apparently used by “Russian security services” in the attack. The news lit up the security industry, as this event marks the first instance on record in which a power outage was caused by a malware attack. Read the article for more.

2. Time Warner Cable says up to 320,000 customers’ data may have been stolen by Sneha Banerjee and Anya George Tharakan

Perhaps the most talked about data breach story of this past week was Time Warner Cable’s warning that information on up to 320,000 customers may have been stolen. The story came to light when Time Warner Cable alerted select customers after receiving a warning from the FBI of the potential breach. The incident remains unconfirmed, and TWC maintains that there are no signs that its systems have been compromised. If true, the stolen information could include email addresses and passwords obtained either by malware spread through phishing attacks or from a third party with access to the information. Read the article for more.

3. Eight arrested in Eastern Europe over ATM malware attacks by Tom Reeve

The criminal gang behind the Tyupkin ATM malware campaign was taken down this week, with Europol announcing the arrest of eight involved individuals in Eastern Europe on Wednesday. The gang used the malware to carry out “ATM jackpotting” attacks, emptying cash from ATMs upon infection. The attacks seem to mostly target machines in Eastern Europe, though Kaspersky asserts that the malware has also been seen in the US, China, Russia, India, Israel, France, and Malaysia. For more on the ATM jackpotting arrests, read the article.

4. DDoS attack on BBC may have been biggest in history by Maria Korolov

The DDoS attack that took the BBC’s website offline on New Year’s Eve may be the largest scale denial of service attack ever seen, if claims from the group behind the attack, New World Hacking, hold true. Following the attack the group boasted that the attack reached 602Gbps, nearly double the previous high of 334Gbps. The group, which also targeted Donald Trump’s website in a DDoS attack on New Year’s Eve, said that these attacks are only tests and that its primary goal in future attacks will be taking ISIS-affiliated sites offline. Read the article for more on the attack.

5. Xfinity Smart Home Flaws Could Enable Burglars by Paul Roberts

Researchers from Rapid7 made headlines this week when they discovered a flaw in Comcast’s Xfinity Home connected system that could “disable door and window alarms using radio-jamming attacks.” In short, the radio frequencies relied on by the smart home security system could be disrupted to turn off door and window sensors without triggering security alerts. The flaw has serious implications from a home security standpoint, as burglars could easily carry out these attacks with readily-available radio jamming equipment, software attacks, or even DIY methods. Read the article for more.

Nate Lord

ANALYST REPORTS

Gartner 2017 Magic Quadrant for Enterprise Data Loss Prevention (DLP)

Nate Lord

Nate Lord is the former editor of Data Insider and is currently an account manager covering the southeast, Great Lakes, and Latin America regions at Digital Guardian. He has over 7 years of experience in the information security industry, working at Veracode prior to joining Digital Guardian in 2014. Nate enjoys learning about the complex problems facing information security professionals and collaborating with Digital Guardian customers to help solve them.