Cyber Security Roundup for August 2016

The fallout from massive data breaches in recent years continued to dominate the August headlines. Dropbox enforced password changes for 68 million users after accounts as a result of the 2012 Dropbox breach, when a Dropbox employee stole a load of account details. Meanwhile over 200 million Yahoo user credentials were found up for sale on the dark web. The large user account data breaches didn’t stop there; several large online user forums operating on vBulletin were found to be vulnerable and compromised with SQL injection attacks, leading to the theft of millions of forum user account details.

Ransomware continues to plague all industries, especially the UK health sector, with half of all NHS Trusts confirming ransomware infiltrations. The Locky ransomware continues to be updated by cybercriminals, making the malware much harder for anti-virus software to detect and prevent.

Finally a report by ‘Cybersecurity Ventures’ predicts a Cyber-Apocalypse, estimating that cybercrime will cost the world in excess of £4.5 trillion annually by 2021.

News

• Dropbox Hack 'affected 68 million users'
• 200 Million Yahoo user credentials for sale on Dark Web
• Hackers have Stolen £49 million worth of Bitcoins
• Epic Games Forums Hacked with SQL Injection, over 800,000 User Credentials Stolen
• Opera (web browser) resets Passwords after sync server Hacked
• Telegram API flaw leaks 15 Million Iranian users' Data
• 123-Reg Suffers Major DDoS Attack
• Swift warns banks of more Cyber-Thefts
• Tech-savvy targeted by ID thieves, says Experian
• Advanced Malware linked to South China Sea Cyber-Attacks
• Hackers exploit vBulletin SQL Flaws to access 27M accounts on 11 Websites
• 47% of NHS Trusts in England admit to falling victim to Ransomware
• Jimmy Wales suffers Twitter Account Hacked
• Microsoft release 5 Critical Patches for Windows, Edge, IE, Office &  PDF Library
• Adobe issued Hotfix for Critical Information Disclosure Vulnerability in ColdFusion
• Apple Rushes Out iOS Software Update To Fix Spyware Threat
• Cisco Advisory “We have started publishing fixes” for NSA-linked Exploits

Awareness,Education, and Intelligence

• Locky Ransomware Spread in Global Campaign against Health Sector
• Latest Locky version on the Loose
• Researcher warns of Cyber-Threat to Mergers and Acquisitions

Reports

• CyberSecurity Market Report: Cybercrime cost excess of £4.5 trillion annually by 2021
•  Imperva Annual DDoS Threat Landscape Report: UK 'too attractive' to DDoS Attackers