Our security roundup series covers the week’s trending topics in the world of InfoSec. In this quick read compilation, we’ll let you know of the latest news and controversies that the industry has been talking about recently.
Here’s what you don’t want to miss from the week of August 23rd, 2015:
- Unsurprisingly, it was announced that Noel Biderman, CEO of Ashely Madison’s parent company Avid Life Media, is bidding farewell to the extramarital affairs service. “This change is in the best interest of the company and allows us to continue to provide support to our members and our dedicated employees,” read the statement. The announcement comes after the third data dump, which included a series of emails suggesting that at one point, Avid Life Media may have gained access to the entire user base of a competing company. Ironic?
- According to reports, the ISIS hacker who was responsible for exposing the personal information of hundreds of U.S. military and government personnel has been killed in a drone strike. USA Today reported the hacker, identified as Junaid Hussain, was pinpointed in a “targeted strike” near the Syrian city of Raqqa. This escalation against the perpetrator of cyber attacks could be a game changer, explained Tripwire Sr. Security Researcher Ken Westin. “Those conducting these attacks have usually felt immune to the effects of physical war but now, these actors realize they can be targets of drones and other strikes,” he said.
- The FBI has issued a warning to U.S. companies of a significant increase in sophisticated scams linked to fraudulent wire transfers. The agency said that businesses working with foreign suppliers and/or regularly performing wire transfer payments should be on the lookout for potential email account compromises through social engineering or computer intrusion techniques. The Internet Crime Complaint Center reported the unauthorized transactions have amounted to an estimated loss of more than $1.2 billion dollars, impacting over 8,000 victims.
- British police announced the arrest of six people as part of a multi-agency operation targeting users of the tool LizardStresser – a DDos-on-demand service offered by the infamous hacking group known as Lizard Squad, who was responsible for taking down the networks of XBox Live and PlayStation last Christmas. According to the NCA’s National Cyber Crime Unit, organizations believed to have been targeted by the suspects include a leading national newspaper, a school and a number of online retailers.
- Agora – one of the biggest online underground marketplaces known for facilitating the sell of drugs, weapons, as well as stolen personal and financial information – has announced that it’s “pausing” operations as a result of security concerns. In a statement, Agora said recent research had revealed vulnerabilities in Tor’s Hidden Services protocol, which could deanonymize server locations. Administrators said a solution is currently “in the works,” however, it will likely take time to implement and bring the site back online.
- According to Microsoft, Windows 10 now has over 75 million installs less than one month after its big debut. But although there’s been much buzz about its new capabilities, some features have raised concerns over users’ privacy. Forbes reported some users claim that Windows 10 keylogs what you type and sends it back to Microsoft servers. Regardless, there are a number of ways to opt out of some of its data-collecting features.