Friday Five: 10/23 Edition



Your weekly roundup of information security news.

Happy Friday! Close out the work week with our picks for the hottest articles from the IT and security presses:

  1. "NYSE releases a cybersecurity guide for public companies" by Priya Anand
    All companies, no matter how big or small, have cybersecurity concerns. This month the NYSE and Palo Alto Networks released a 335-page cybersecurity guidebook that they have dubbed the “definitive cybersecurity guide for directors and officers.” The book covers many issues that are top of mind for security teams today, from the plausibility of preventing a data breach to the question of “to disclose, or not to disclose” to the need for security leadership and shareholder engagement on security issues. To learn more about the release of this book, read this article.
  2. "X-Ray Scans Expose an Ingenious Chip-and-Pin Card Hack" by Andy Greenberg
    Credit card fraud continues to worsen and widen in its impact, so it is only logical to implement a stronger security measure, and many have hoped the “chip-and-PIN” system would be the answer. The security of this system rests on the premise that thieves would need both the PIN and the card itself in order to steal users’ information. According to some French security researchers, however, there’s a seamless chip-switching trick that could undermine the security of the “chip-and-PIN” system.
  3. "Fitbit tracker hacked in 10 seconds" by CBS News
    Earlier this month, Axelle Apvrille, the senior antivirus researcher at Fortinet, reverse engineered the Fitbit. Axelle demonstrated how an infected Fitbit could be connected to the wearer’s computer and thus infect the computer as well. The exploit is made possible through the Fitbit’s Bluetooth connection.
  4. "Report: Teen Hacked Private Accounts of CIA Director and Homeland Security Secretary" by Lily Hay Newman
    Personal information of the CIA director and the Homeland Security Secretary has recently been hacked by a group of teens in the U.S., supposedly. The teen hackers socially engineered their way into CIA director John Brennan’s AOL account, tricking Verizon and Brennan’s bank into providing the information needed to reset his AOL email password. To learn more about this recent hack, read this article.
  5. "The Dridex botnet ain't done yet, say researchers" by David Bisson
    In last week's Friday Five, one of the featured articles was "Authorities Seize Servers to Disrupt Dridex Botnet". Dridex is malware that steals banking information to commit fraud. Recently, Dridex was taken down internationally, or so we thought. According to some researchers, the Dridex botnet isn't gone just yet. To learn more about how the Dridex botnet may still be around, read this article.
Susan Xu
