The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls
DATAINSIDER

Digital Guardian's Blog

Friday Five: 5/27 Edition



It’s Friday! Catch up on the top infosec headlines with our weekly news roundup.

1. Kansas Heart Hospital hit with ransomware; attackers demand two ransoms by Ms. Smith

Despite a recently issued advisory by the FBI to not pay ransomware attackers, Kansas Heart Hospital, which fell victim to ransomware last week, paid the ransom (amount undisclosed by the hospital’s president)… and still weren’t given full access to their files. Instead, the hackers demanded a second ransom. The hospital refused to pay this time. Kansas Heart claims they had some type of plan implemented to minimize the damage and that the attack never impacted patient treatment. Hopefully the hospital’s misfortune will serve as an example for others faced with the ransomware threat: don’t pay ransoms unless absolutely necessary and back up your critical data regularly. Read the full article for more on Kansas Heart Hospital’s ransomware attack.

2. Microsoft bans common passwords that appear in breach lists by Richard Chirgwin

With data breaches galore from Beautifulpeople.com to LinkedIn, Microsoft is starting to lock down on passwords. Too-common passwords that have appeared on breach lists are now blocked from use. This new ban is now live in Microsoft Account Service. Say goodbye to using “password” or “123456”! Even safety features like required minimum password length, inclusion of special characters and numbers, and periodic password resets are outdated and won’t keep you safe, according to Microsoft. Read the full article on The Register.

3. North Korea Linked to Digital Attacks on Global Banks by Nicole Perlroth and Michael Corkery

A recent string of cyber heists that have stolen millions from Asian banks has been attributed to North Korea. The attacks targeted SWIFT, a Belgian provider of financial messaging services that are used to facilitate money transfers around the globe. The latest research into the campaign found that the attackers were using highly unique code that had only been previously seen in the Sony Pictures data breach of 2014 and attacks against South Korean banks the year prior – both of which had been attributed to the North Korean government. If correct, this finding would be the first known financial attack backed by a national government. Read more about the SWIFT heists in the New York Times article.

4. Amazon Users Targets of Massive Locky Spear-Phishing Campaign by Tom Spring

Another massive ransomware campaign has been discovered, this time targeting Amazon customers with the Locky ransomware strain. The attacks have used spear-phishing emails laced with Microsoft Word attachments containing malicious macros that, once launched, download and run Locky. The researchers behind the discovery are calling it one of the biggest ransomware phishing campaigns of 2016, having sent up to 30 million phishing emails in a 12 hour span on May 17 (other researchers have put this number as high as 100 million). The phishing emails spoofed Amazon shipping notifications to trick customers into opening the malicious attachments. For more on this ransomware campaign, read the article on Threatpost.

5. Reddit forces password reset of 100,000 users by Charlie Osborne

Though not yet exploited, Reddit’s looking out to get ahead of the recent string of data breaches by enforcing a reset of 100,000 user accounts. As they continue to validate that account users are actually the account holders, more password resets will be sent. Their blog post outlines some tips on how to strengthen passwords, including keeping an eye out on their account activity page for any suspicious activities. Reddit is also planning on sending password resets to throwaway accounts, or those that have never posted, voted, or been logged onto for years. If those accounts remain unused, Reddit will delete them. Read the full article for more info.

Ellen Zhang

ANALYST REPORTS

Gartner 2017 Magic Quadrant for Enterprise Data Loss Prevention (DLP)

Ellen Zhang

Ellen is the Acquisition Marketing Manager at Digital Guardian, with nearly half a decade of experience in the cybersecurity industry. As the company's SEO and PPC manager, Ellen has spent numerous hours researching information security topics and headlines.