Network Security News Weekly

Current cybersecurity news to keep
you informed.

IT Services | Government | Financial |
Healthcare | Non-Profit

Network Security News Weekly

Articles of interest from the week of June 4, 2018

Compliance is Not Synonymous With Security
While the upcoming GDPR compliance deadline will mark an unprecedented milestone in security, it should also serve as a crucial reminder that compliance does not equal security. Along with the clear benefits to be gained from upholding the standards enforced by GDPR, PCI DSS, HIPAA, and other regulatory bodies often comes a shift toward a more compliance-centric security approach. But regardless of industry or regulatory body, achieving and maintaining compliance should never be the end goal of any security program. (By: , Security Week)

Fraud data shows 680% spike in fraudulent mobile app transactions
The number of fraudulent transactions originating from a mobile app during the first quarter has increased by 200 per cent since 2015, according to RSA Security. Unfortunately, many mobile apps fail to build security from the ground up. This means cybercriminals and fraudsters are able to slip through the cracks, hijacking mobile applications and siphoning off credentials and funds. As mobile-related fraud continues to grow, consumers and businesses alike need to be aware of the risks. (By: , Help Net Security)

Researchers Warn 500,000 Consumer Routers Infected with Malware
Security researchers have found that nearly 500,000 consumer routers worldwide have been infected with a "sophisticated" malware. According to a blog post by Cisco's cyberintelligence unit Talos, known devices impaced by the "VPNFilter" malware include manufacturers Linksys, MikroTik, Netgear and TP-Link. (By: , Security Today)

1 in 10 healthcare organizations paid a ransom within the last year
More than one in three healthcare organizations have suffered a cyberattack within the last year, while almost one in 10 have paid a ransom or extortion fee, according to Imperva. Imperva’s survey of 102 Healthcare IT professionals, which was carried out at the 2018 Healthcare Information and Management Systems Society (HIMSS) Conference, revealed that 77 percent of respondents were very concerned about a cybersecurity event striking their organization and 15 percent admitted that their organization’s ability to handle a cyberattack needed work. (By: , Help Net Security)

Fighting ransomware with network segmentation as a path to resiliency
Organization can achieve network resiliency and survivability through a strategy embracing network segmentation in general, and micro-segmentation in particular. In a world where it is simply unrealistic to expect CIOs, CTOs and organization security teams to know about and cover everything on their networks, they must strive to protect what they do know about and control access across organizations which are increasingly amorphous, porous and dynamic. (By: , Help Net Security)

BackSwap Trojan implements new techniques to steal funds from your bank account
The new techniques allow the malware to bypass anti-malware solutions and security features implemented by browsers to prevent Man-In-The-Browser attacks. Banking malware use to inject malicious code into the web page, either via the browser’s JavaScript console or directly into the address bar when the user access to the bank account. Injection mechanisms are the most popular techniques used by popular banking malware, including Dridex, Ursnif, Zbot, Trickbot, and Qbot. (By: , Security Affairs)

Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser. (By: , IT News)

Sign Up For Netsec News Weekly

Contact Us

If you are concerned about a potential breach or if you are currently experiencing a breach and require immediate assistance, contact our 24x7x365 Emergency Hotline:


Ingalls Information Security
Ingalls Information Security is a Pure-Play Cybersecurity Services Company with 100% of Operations in the United States