Risk Radar Free Cyber Newsletter – Feb 21, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well known and respected experts in the industry.

Ransomware Doubles Since July
Data coming out of 2016 is verifying what we know about ransomware. Ransomware doubled during the last half of 2016. The article breaks downs the ransomware increase during the last half of 2016. I would expect the increase in ransomware to continue into 2017.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

Google Discloses Another Unpatched Microsoft Bug
Vulnerability disclosure release timing makes for interesting discussions between the company and the security researcher. A Windows bug was supposed to be fixed in March 2016 but a security researcher with Google has found it to still be vulnerable. Google and Microsoft have been at odds on vulnerability disclosure before. It is not known if this bug was to be fixed in the delayed Windows February patches.

Google Touts Progress in Android Security in 2016
Trying to make the many Android devices secure is a very big undertaking. The need for security is very real in the Android world. Android devices are still the most likely to get targeted and infected by malware in the smart phone market. Google has its hands full trying to keep Android secure, but it does seem like Google is making a real commitment to Android security.

SMTP Strict Transport Security Coming Soon to Gmail, Other Webmail Providers
Gmail will be introducing Strict Transport Security to the email service in 2017. The security measure uses certificate pinning. Microsoft, Yahoo and Comcast are expected to adopt this standard also. This new standard is expected to make man-in-the-middle attacks much harder to do.
DHS Chairman Paints Bleak US Cybersecurity Picture
The Chairman of the house committee on Homeland Security is presenting a sober take on the state of U.S. cybersecurity at the RSA conference. The chairman states his current take on U.S cybersecurity and what needs to be done to improve it.
Trump and His Android Phone Putting National Security at Risk – Lawmakers
A group of lawmakers are asking the House Oversight Committee to review President Trump’s security practices. One of the points brought up is President Trump’s use of an old Galaxy S3 android phone for twitter. It is unlikely that these request will be acted on, but I think we all hope the President is using a secure way to do his tweeting.