A roundup of the top news stories in information security this week, including APT28 targeting hotel Wi-FI networks, the State Deparment officially launching a new cybersecurity office, and arrests made in the "Game of Thrones" leak.


APT28 Attacks

MALWARE

APT28 Targeting Hotel and Hospitality Wi-Fi Networks, FireEye Says

Researchers at security firm FireEye are warning travelers heading to Europe and the Middle East that an active malware campaign is targeting hotel Wi-Fi networks. Experts belie the Russian group APT28 is behind the ruse that’s aimed at siphoning guest and corporate information from the networks. Attackers are also leveraging new techniques in the campaign, including using the EthernalBlue SMB vulnerability.

Click here for full article.

 


Hutchins Not Guilty

ATTACKS

Researchers Pleads Not Guilty to Kronos Banking Trojan Charges

The security researcher that has been credited for putting an end to the infamous WannaCry ransomware outbreak has pleaded not guilty to charges of creating and distributing the Kronos banking Trojan. Marcus Hutchins, aka MalwareTech, was arrested at the Las Vegas airport after attending the Black Hat and DEF CON security conferences in July. Hutchins has been out on bail since Aug. 5 and is residing in Los Angeles where he is under GPS monitoring.

Click here for full article.




HBO Hacker

CYBERCRIME

Following Major Breaches, Hollywood Reevaluates Cybersecurity

On the heels of yet another prominent cybersecurity event impacting a major Hollywood entity, entertainment companies like Sony, Netflix, and HBO are facing a harsh reality. Major breaches impacting Sony and Netflix has graced headlines, but HBO’s recent hack is causing entertainment giants to take computer security more seriously. Cyber criminals are threatening company reputations and businesses.

 

Click here for full article.




AWS Servers
CLOUD

AWS Introduced Machine Learning Security for Amazon S3

Amazon Web Services has introduced Amazon Macie this week, a service that uses machine learning to prevent sensitive data leaks and authorized access to information stored in Amazon S3. While it’s solely focused  on Amazon S3 at the moment, the company indicated that it will be available to support other storage services this year.

Click here for full blog post.

 




Department of State

GOVERNMENT

State Department Officially Launches New Cybersecurity Office

A new office responsible for safeguarding and responding to cybersecurity threats was established by the State Department earlier this year. The Cyber and Technology Security (CTS) directorate was launched quietly on May 28. According to one State official, the CTS will facilitate “the conduct of global diplomacy by protecting life, property, and information with advanced cybersecurity programs and risk-managed technology innovation.”

Click here for full article.

 

 

LA Information Sharing

INFORMATION SHARING

Los Angeles to Launch Threat-Sharing Group

Officials with the city of Los Angeles are planning to launch a cybersecurity initiative aimed at bolstering threat intelligence sharing between businesses and the city. “If all participating companies come to the table with that attitude and share their experiences, it will be successful,” said Christopher Hymes, director of security at Riot Games, one of the company partners in the initiative.

Click here for full article.



 

GOTARRESTS

Four Arrested in Connection to Game of Thrones Leak

Current and former employees of Prime Focus Technology, a Mumbai-based firm that stores and processes Game of Thrones (GOT) for Indian streaming website Hostar, have been arrested in connection to the recent GOT leak. Episode four of the popular series was leaked on August 4. The arrests are tied to the leak of the episode itself, not the actual hack that resulted 1.5TB of stolen data.

 

Click here for full article.


 

Infosec Growth

INFOSEC

Gartner: Global Infosec Spending to Reach $86.4 Billion

Market research firm Gartner says that global spending  on information security solutions and services will reach $86.4 billion this year. The growth is primarily driven by the increased data breach activity as well as the demand in “interactive application security testing” (IAST), a segment of the industry that Gartner believes will continue to grow through 2021.

Click here for full blog post.

 

 

cloudflareCYBER ATTACK

Daily Stormer Instantly Knocked Offline After Cloudflare Ends Support

Neo-Nazi website, The Daily Stormer, was knocked offline by attackers just moments after Cloudflare dropped it as a customer due to political pressure. Considered its last line of defense, the internet security service provider’s CEO ultimately made the decision  to stop providing paid services to the website. As of Wednesday evening, the Daily Stormer remained offline.

Click here for full article.


 


Pulse Wave Attacks
DDoS

Cybercriminals Leverage Pulse Wave DDoS to Target Multiple Victims

A new type of distributed denial-of-service (DDoS) attack is giving cybercriminals the ability to strike multiple targets. A new report by security firm Incapsulate describes the DDoS attacks that leverage “pulse waves” to “double the bonnet’s output and exploit soft spots in ‘appliance first cloud second’ hybrid mitigation solutions.”

Click here for full article.