The Most Comprehensive Data Protection Solution
Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.
First and Only Solution to Converge:
- Data Loss Prevention
- Endpoint Detection and Response
- User and Entity Behavior Analytics
Happy Friday! As the week comes to a close, here’s a look back at the top five security news articles.
Earlier this week, the Ukrainian energy ministry disclosed that it was investigating whether the December 23 blackout that left the Ivano-Frankivsk region of Ukraine without power was the result of a cyber attack. Soon after, Ukrainian news network TSN reported that the outage was indeed caused by malware. Researchers from ESET have identified that malware as BlackEnergy, a DDoS Trojan that was apparently used by “Russian security services” in the attack. The news lit up the security industry, as this event marks the first instance on record in which a power outage was caused by a malware attack. Read the article for more.
2. Time Warner Cable says up to 320,000 customers’ data may have been stolen by Sneha Banerjee and Anya George Tharakan
Perhaps the most talked about data breach story of this past week was Time Warner Cable’s warning that information on up to 320,000 customers may have been stolen. The story came to light when Time Warner Cable alerted select customers after receiving a warning from the FBI of the potential breach. The incident remains unconfirmed, and TWC maintains that there are no signs that its systems have been compromised. If true, the stolen information could include email addresses and passwords obtained either by malware spread through phishing attacks or from a third party with access to the information. Read the article for more.
The criminal gang behind the Tyupkin ATM malware campaign was taken down this week, with Europol announcing the arrest of eight involved individuals in Eastern Europe on Wednesday. The gang used the malware to carry out “ATM jackpotting” attacks, emptying cash from ATMs upon infection. The attacks seem to mostly target machines in Eastern Europe, though Kaspersky asserts that the malware has also been seen in the US, China, Russia, India, Israel, France, and Malaysia. For more on the ATM jackpotting arrests, read the article.
The DDoS attack that took the BBC’s website offline on New Year’s Eve may be the largest scale denial of service attack ever seen, if claims from the group behind the attack, New World Hacking, hold true. Following the attack the group boasted that the attack reached 602Gbps, nearly double the previous high of 334Gbps. The group, which also targeted Donald Trump’s website in a DDoS attack on New Year’s Eve, said that these attacks are only tests and that its primary goal in future attacks will be taking ISIS-affiliated sites offline. Read the article for more on the attack.
Researchers from Rapid7 made headlines this week when they discovered a flaw in Comcast’s Xfinity Home connected system that could “disable door and window alarms using radio-jamming attacks.” In short, the radio frequencies relied on by the smart home security system could be disrupted to turn off door and window sensors without triggering security alerts. The flaw has serious implications from a home security standpoint, as burglars could easily carry out these attacks with readily-available radio jamming equipment, software attacks, or even DIY methods. Read the article for more.