Risk Radar Free Cyber Security Newsletter – Feb. 2, 2016

No agreement as deadline to replace Safe Harbor nears
There may or may not be an agreement by the time you read this. The EU negotiators appear to be willing to miss the Jan 31 deadline rather than compromise on their principles. The original Safe Harbor agreement enabled U.S. Companies to store EU citizens data in the U.S. as long as the U.S. company complied with the EU data protection laws. The original Safe Harbor act was overturned last October by the EU. The end result of this process could make for some big changes in the way the internet works.


Cyberthieves Have a New Target: Children
Children being targeted for identity theft has happened before. The troubling thing is the targeting of children’s identity seems to be increasing. It is hard to know how many kids are being targeted, most affected kids do not find out they have been hacked until they are in their late teens or early 20’s. The article covers some good steps to protect kids against identity theft, some action in the congress is also covered.


BlackEnergy APT Group Spreading Malware via Tainted Word Docs
Kaspersky Lab’s has discovered a spearfishing attack using Microsoft office files to spread the BlackEnergy Trojan. These attacks seem to be aimed at Ukrainian infrastructure by Russian-speaking actors with the BlackEnergy APT group. A key part of the attack involves getting the user to enable macros. With macros enable the infection starts. Macros within Office documents have become, unfortunately, all too common in both eCrime and espionage attacks in the past 18 months.


Identity theft victim? This site helps you reclaim your life
The Federal Trade Commission has a new online site where victims of identity theft can go to for steps to recover from identity theft. It can often take months or years to fully recover from identity theft. One of the biggest scams on the rise right now involves Tax ID theft. The article includes some precautions to avoid identity theft.



Google’s VirusTotal now picks out suspicious firmware
You may be able to detect one of the harder malware infections to find using Google’s Virus Total. Malware in firmware can survive reboots and fresh installs of the OS. A new tool from VirusTotal will let the user know if their BIOS image is potentially infected.
Oracle to Kill Java Browser Plugin
Oracle will be removing the java browser plug in with the release of JDK 9. The java browser plug in enables many cross-platform attacks. The removal of the java browser plug in is good news. Unfortunately the java browser plug in may live on due to old web apps that need old versions of java.