Risk Radar Free Cyber Newsletter – May 31, 2016

Amazon Users Targets of Massive Locky Spear-Phishing Campaign
There is a massive spear phishing campaign targeting amazon users, an estimated 30 million spam messages have been sent out. If the user opens the infected word document in the email the ransomware Locky is installed. As always be wary of emails with word attachments.

Dr. Peter Stephenson is back with a deep dive on Petya and Mischa ransomware.

Microsoft has issued a warning on a new ransomware, called Win32/ZCryptor.A. It is able to move on its own from computer to computer.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

Cybercrime Hit Businesses Hardest in 2015, says IC3 Report
The year of 2015 was a good year for hackers and a bad year for businesses. A combination of social engineering, phishing, and malware attacks made for a tough year. 2016 looks to be a bad year also, It could be even bigger losses due to the sharp increase in ransomware.

Did the Clinton Email Server Have an Internet-Based Printer?
I don’t care what party the government official belongs to, I hope their security is better than this. It is still unclear if an internet capable printer was connect to It does look like it was setup to work as one. Hopeful the lessons learned from Clinton’s personal email server are put into practice in the government.

Judge Tosses Evidence Gathered by FBI’s Tor Exploit
Due to the FBI’s refusal to share information about the Tor technique with the defense the evidence has been excluded. The court sided with the constitutional rights of the defendant. It looks like Mozilla will not be getting info on the exploit in the Tor browser.
Apple rehires prominent security pro as encryption fight boils
Jon Callas has been hired by Apple, Apple has declined to provide details of his roll. It is speculated that he will be working with encryption. This hire does seem to indicate that Apple is not backing down on the encryption fight with the government.
Millennials Could Learn From Baby Boomers When It Comes To Security
The hipsters out there could learn some good security practices from us old folk. A Webroot survey shows that millennials not only share more person information but also have worse security practices. Millennials are better at spotting internet based scams, it looks like both groups can learn from each other.