Risk Radar Free Cyber Newsletter – Mar 7, 2017

Cyber Security Newsletter

Emergent threats, trends, and news annotated by some of the most well-known and respected experts in the industry.

Only 17% of Security Pros Confident in US Cybersecurity
A recent Tripwire survey of RSA attendees shows that information security professionals are worried about US cybersecurity in 2017. The main concern among respondents is the ability of the U.S. government to defend against cyber-attacks. The survey showed security professionals also have concerns at the enterprise and business level.

Hackers use stolen inside info to blackmail progressive political groups
It appears that Russian hackers using methods similar to those of Cozy Bear have hacked several progressive political groups. One of the groups has confirmed the attack did take place. The hackers are threatening to release sensitive data if the ransom is not paid. While attribution is not completely confirmed at this point, the incident shows that politically motivated hacking continues.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

Spammer’s Leaky Backup Exposes Massive Empire
Security researchers have discovered what looks like a massive spamming operation. A backup belonging to a U.S. company went public, and the researchers' analysis of the backup indicates a massive spamming effort by this company. Law enforcement has been informed, and the U.S. company has not yet responded.

Proton RAT malware not a positive development for Mac users
The Proton RAT malware may be a sign that Macs could be targeted in the future with more effective malware. The developers of the RAT malware are making some bold claims about what their malware can do. The security researcher in the article did not have a sample of the RAT malware to verify the claims. Time will tell if the malware threat grows for Macs.

Active Defense Bill Raises Concerns Of Potential Consequences
Most of us would respond to an attack on our person. A draft of a bill in the House would exclude organizations from prosecution if they hack back in response to an attack. The concept of hacking back after an attack is controversial. The consequences of hacking back could make things worse, according to some security researchers.

HackerOne Offers Free Bounty Programs for Open Source
More open source programs are using the HackerOne Bounty program to make their software more secure. Considering how much of the internet is based on open source technology, this program from HackerOne could be a good thing.