Network Security News Weekly

Current cybersecurity news to keep you informed.

Articles of interest from the week of March 12, 2018

Recent Data Breaches Spark Debate Over 'Reasonable' Notification Rules
Legislators in a number of states are trying to beef up consumer protections by clearly defining how quickly residents must be notified of a data breach and broadening the category of “personal information” covered under such laws. Some also seek to bar credit reporting agencies from charging consumers to freeze their credit information. But setting a fixed number of days for notification might be a problem since law enforcement and cyber experts might need to work quietly behind the scenes to catch hackers without tipping them off. (By: , The Pew Charitable Trusts)

Olympic Destroyer was a false flag cyberattack, research claims
Various research groups had attributed Olympic Destroyer to the usual suspects -- Russia, Iran, China and North Korea -- and ultimately consensus seemed to fall on it being the work of the North Korea-backed Lazarus group, though there was some disagreement. Now Kaspersky Lab is claiming it was a false flag cyberattack designed to mimic Lazarus. (By: , Senior Reporter, TechTarget/SearchSecurity)

The Slingshot APT FAQ
Slingshot is very complex and the developers behind it have clearly spent a great deal of time and money on its creation. Its infection vector is remarkable – and, to the best of our knowledge, unique. It is believed that most of the victims observed appeared to have been initially infected through a Windows exploit or compromised MikroTik routers.

4 Misconceptions About SQL Injection Vulnerabilities
SQL injection continues to be one of the biggest security risks that we face as developers and database professionals. Every year, millions of users’ personal information is leaked due to poorly written queries exploited by SQL injection. The sad truth is that SQL injection is completely preventable with the right knowledge. (By: , Hacker Noon)

This new trojan malware uses leaked source code of legit software to snoop on you
Dubbed FlawedAmmyy, the malware is built on top of leaked source code for a legitimate app, Version 3 of Ammyy Admin remote desktop software, and enables attackers to secretly snoop on those duped into installing it. The RAT (remote access trojan) is capable of complete remote desktop control, providing hackers with full access to the system and the opportunity to steal files, credentials, and more. The malware also has the potential to abuse audio chat. (By: , ZDNet)

Cybersecurity Threats Facing Small and Medium-Sized Businesses
According to a recent report on the state of cybersecurity in small and medium-sized businesses by the Ponemon Institute, 61% of small and medium-sized businesses experienced a cyberattack in 2017, a 6% increase from 2016. Similarly, the report said 54% of small and medium-sized businesses experienced data breaches (up from 50% in 2016).

How Creative DDoS Attacks Still Slip Past Defenses
Distributed denial of service attacks, in which hackers use a targeted hose of junk traffic to overwhelm a service or take a server offline, have been a digital menace for decades. But in just the last 18 months, the public picture of DDoS defense has evolved rapidly. Unfortunately, network defenders and internet infrastructure experts emphasize that despite the positive outcomes, DDoS continues to pose a serious threat.

WTB: APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS
While investigating an incident in May 2017, NCC Group’s Incident Response team discovered that their client had been compromised by the Advanced Persistent Threat (APT) group “APT15” (GREF, Ke3chang, Mirage, Playful Dragon, Vixen Panda). The response team found that APT15 had compromised their client’s network and managed to steal “a number of sensitive documents” via three backdoors. The first backdoor, called “BS2005,” is known to be used by the group; however, two new backdoors dubbed “RoyalCli” and “RoyalDNS” were also observed. NCC Group believes that APT15 was targeting data related to U.K. government departments and military technology. (By: NCC Group)

Ingalls Information Security
Ingalls Information Security is a Pure-Play Cybersecurity Services Company with 100% of Operations in the United States