Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).
- Chinese spies target US intellectual property (CSO)
The U.S. economy is losing hundreds of billions of dollars each year to economic espionage, mainly from China, experts say. Some of the problem is political, but plenty of it is due to a ‘stupefying’ lack of security
- The Ashley Madison hack...in 2 minutes (CNN Money)
The hackers have also released financial information about the company that runs it, Avid Life Media, and the emails of its CEO. The hackers say they aren't done yet.
- Attacks on Virtual Infrastructure Cause Double the Pain (Info Security)
The cost of recovering from a security incident doubles when the attack affects virtual infrastructure, according to new research from Kaspersky Lab.
- Combating DDoS defence buck passing: Nexusguard (ZDNet)
Distributed Denial of Service (DDoS) defence is a grey area in Australian cyber security, with cloud providers and businesses juggling the responsibility of eradicating the vulnerability, according to DDoS defence firm, Nexusguard.
- iOS Sandbox Vulnerability Puts Enterprise Data at Risk (The Hacker News)
Turkish security bod Utku Sen has published what appears to be the first openly available source code for ransomware – free for people to use and spread.
- DDoS Attacks Against Banks Increasing (Bank Info Security)
Three years after leading U.S. banking institutions were targeted by waves of distributed denial-of-service attacks waged against them by the hacktivist group known as Izz ad-Din al-Qassam Cyber Fighters, DDoS attacks have continued to grow in number and magnitude.
- Password 'XXXXairocon' pops Wi-Fi routers from ASUS, ZTE and others (The Register)
A bunch of home gateway vendors, presumably sourcing their firmware from the same place, can be hijacked using depressingly common hard-coded logins.
- FBI: $1.2B Lost to Business Email Scams (Krebs on Security)
The FBI today warned about a significant spike in victims and dollar losses stemming from an increasingly common scam in which crooks spoof communications from executives at the victim firm in a bid to initiate unauthorized international wire transfers. According to the FBI, thieves stole nearly $750 million in such scams from more than 7,000 victim companies in the U.S. between October 2013 and August 2015.
- Dark Web market Agora suspends operations due to Tor vulnerability (Naked Security)
Agora, said to be the Dark Web's largest dark market since Silk Road was shuttered, has been spooked by what it called "suspicious activity" and recent research into vulnerabilities in Tor that it fears could help to unmask its server locations.