Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).
- Scottrade suffers hack; 4.6M customers notified of breach (ZDNet)
The brokerage firm confirmed the attack, but said the focus of the attack was client contact details rather than financial information.
- VW’s ‘neat hack’ exposes danger of corporate software (TheGaurdian)
For anyone interested in what is laughingly known as “corporate responsibility”, the Volkswagen emissions-fraud scandal is a gift that keeps on giving. Apart from the company’s Nazi past, its high status in German life, its hitherto exalted reputation for technical excellence and quality control, and its peculiarly dysfunctional governance, there is also the shock to consumers of discovering that while its vehicles are made from steel and composite materials, they are actually controlled by software. We are already close to the point where that software may be more valuable than all the physical materials that make up the vehicle, and, if Apple and Google have their way, that imbalance is set to grow.
- Incredible! Someone Just Hacked 10,000 Routers to Make Them More Secure (TheHackerNews)
Security firm Symantec has discovered a new malware, dubbed "Linux.Wifatch" a.k.a "Ifwatch," infected more than 10,000 vulnerable 'Internet of Things' devices, and spreading quickly.
- Why Companies Won’t Learn From the T-Mobile/Experian Hack (The New Yorker)
Last Thursday, John Legere, the C.E.O. of T-Mobile, joined the ranks of the dozens of chief executives who, in the past few years, have had to inform their customers that their personal information has been stolen. “One of our vendors, Experian, experienced a data breach,” Legere tweeted, referring to a Dublin-based credit bureau that his company uses to collect, store, and secure customers’ personal information. Experian explained the details on its Web site.
- Angler Ransomware Campaign Disrupted (Bank Info Security)
A cybercrime ring that employed the Angler Exploit Kit to earn an estimated $34 million per year from ransomware infections alone has been disrupted by security researchers at Cisco's Talos security intelligence and research group.
- Near-flawless Social Engineering attack spoiled by single flaw (CSO Online)
A reader recently shared an email that was sent to their comptroller, which by all accounts was a near-perfect social engineering attempt. However, awareness training, combined with full executive support to question any suspect request, prevented what could've been a massive financial hit to the organization.
- U.S. will not seek legislation against encryption (PC World)
The U.S. administration will not seek legislation at this point to counter the encryption of communications by many technology services and product vendors, but will work on a compromise with industry, a senior U.S. official said Thursday.