Buy Kids iPhones And Kill Connected Toys

Here is the weekly roundup :

Chinese Cybercriminal Gang Use Dropbox To Target Media Companies
An APT (Advanced Persistent Threat) gang originating from China that are allegedly responsible for attacks targeting foreign governments and ministries are now focusing their efforts at several Hong Kong-based media companies while using Dropbox, according to an independent security firm.

China Claims to Have Arrested OPM Hackers
The Chinese government has arrested a number of hackers that were related to the breach of the Office of Personnel Management’s (OPM) database this year, according to reports.

Australian Bureau of Meteorology Hacked, China Blamed
Australian media is reporting a major cyber-attack against Australia’s Bureau of Meteorology that is likely to have compromised sensitive security information. China is being blamed for the attack.

Blackberry Refuses to Give in to Pakistan’s Backdoor Request
Phone manufacturer Blackberry is withdrawing from the Pakistani market entirely after refusing to give in to the demand of backdoor access by the nation’s government. The request was to install a backdoor access to the company’s enterprise products.

Backdoor Found in 600,000 Cable Routers
A security researcher in Brazil has discovered a ‘backdoor within a backdoor’ vulnerability present in Arris cable modems that can potentially grant an attacker the ability to tinker with and rewrite the modem’s firmware.

Microsoft Turns up Security for Enterprise Systems
Computing giant Microsoft is reigning in new security measures for enterprises to nullify the threat of adware that often comes packaged in the installers of free software.

Interesting Reading From Around the Web:

Buy Kids iPhones And Kill Connected Toys -- Hacker Advice To Parents After Awful VTech Breach
Security experts who’ve overseen hacks of digital dollies and toy tanks in the last year have some simple advice for parents: buy kids’ devices with decent data protection mechanisms such as the Apple iPhone and avoid connected toys until manufacturers have proven themselves trustworthy when it comes to security.

OPM Breach: Credit Monitoring vs. Freeze
Many readers wrote in this past week to say they’d finally been officially notified that their fingerprints, background checks, Social Security numbers, and other sensitive information was jeopardized in the massive data breach discovered this year at the Office of Personnel Management (OPM). Almost as many complained that the OPM’s response — the offering of free credit monitoring services for up to three years — won’t work if readers have taken my advice and enacted a “security freeze” on one’s credit file with the major credit bureaus. This post is an attempt to explain what’s going on here.

OPM Struggles With Security Compliance
Despite making some security improvements, the Office of Personnel Management is still struggling to comply with recommendations that the Inspector General's office has made repeatedly – making it vulnerable to another breach.

Upcoming Events:

New Jersey Chapter ISSA Meeting

We are proud to announce that we will be a proud sponsor of the December 7th meeting ISSA NJ Chapter meeting. Please join us for an evening focused on Threat Detection and Incident Response. Our incident respondents Paul Kubler and Dusan Petricko will be presenting. Hope to see you there!

December 9, 2015, Deloitte, Parsippany, NJ

Find Out More

LIFARS at the Cybertech 2016: The Anatomy of an APT Attack

Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States.

Wondering what an APT attack looks like under the microscope? In this 3 hour workshop, we will examine the process of response to an APT attack in some real-world scenarios. We will also elaborate on the process of detonation of malware, the forensic investigation, and more.

FOR A 10% DISCOUNT, PLEASE USE THE FOLLOWING CODE: LIFARS cybertech20 January 26-27, 2016, Tel Aviv, Israel

Find Out More

Featured Article:

Fending off cyber extortion can be difficult

There is a common theme running through many of the recent massive data breaches: cyber extortion. This new trend is gaining popularity on both corporate and individual level. To effectively combat this threat, a good understanding of the problem is necessary. Let's fix that.

Read on CSO Online

On-Demand Webinar:

Best Practices for Cyber Security Incident Response (IR)

Whether you are a large or small company building an effective Incident Response (IR) may seem daunting in the wake of the ever increasing sophistication of threats. In this webinar we will cover the best practices of an effective Incident Response for cybersecurity.

Register Now

Featured Slideshow:

The First 24 Hours After a Breach

A major company has been hacked, suffering a data breach. How do companies the size of Sony handle such situations? Various departments, including legal, tech and PR come together to meet with the management and workout a plan on how to handle the crisis. This presentation will focus on both -- companies with a data breach response plan and those without one. We'll shed some light on what the first 24 hours post-breach looks like for a major company.

Watch Slideshow

Featured Content:

Cybersecurity While Traveling

The majority of us travel quite frequently, and yet we give little thought to how we keep our identity and data safe while doing so. This guide will provide you with some basic rules to follow when traveling that will significantly increase your security and privacy.

Free Download

Business Continuity Planning and Disaster Recovery

Disasters can hit your organization at any time. But, as this new ebook from SC Magazine reveals, there are tools and strategies to help get formal security plans and policies in place to best serve your enterprise when, during and after a data breach strikes.

Free Download

Connect with us

LinkedIn Twitter Facebook Google Website YouTube

LIFARS LLC, 244 Fifth Avenue, Suite 2035, New York, NY 10001 Copyright © 2016 LIFARS, LLC, All rights reserved.