Here's Volume 2 of ThreatWatch: A Weekly Roundup of the Best Fraud and Security Stories from around the Web. Each week we'll choose a handful of news articles from the reporters we follow who write about the threat landscape - whether it's a newly discovered security breach or insight into how new technologies and systems are being utilized to make the Web safer for consumers.
Hackers are making their malware more powerful by copying WannaCry and Petya ransomware tricks (ZDNet by @DannyJPalmer)
Hackers, like Trickbot, are copying Petya and WannaCry with new malware techniques to infiltrate the financial sector. They are adding additional techniques to their original malware that is spread via emails that claim to be from an international financial institution, which then lead the victim to a fake login page used to steal credentials.
UK Data Protection Bill, Incorporating GDPR, Expected in September (InfoSecurity Magazine by @wirelesswench)
UK’s new data protection bill is expected to be introduced in Parliament in just a few weeks. The bill, which was announced in last month’s Queen’s Speech, is meant to ensure that the UK retains its world-class regime protecting personal data. According to an analysis from global law firm Reed Smith, the goal is to create a “data protection framework that is suitable for our new digital age, and to cement the UK’s position at the forefront of technological innovation, international data sharing and protection of personal data.” The bill will also incorporate GDPR, “meaning that even post-Brexit, businesses will need to comply with the same EU rules for UK citizens.”
US senators introduce bill to improve IoT security, protect researchers probing it (HelpNet Security by @helpnetsecurity)
US Senators have introduced legislation titled “Internet of Things (IoT) Cybersecurity Improvement Act of 2017” that would require devices purchased by the US government to meet certain security requirements. A main benefit of the bill is to help stop botnets from hacking into internet connected devices. Bruce Schneier, a fellow and lecturer at Harvard Kennedy School of Government, describes the recent influx of insecure internet connected devices and how necessary it is for these security requirements. Password management is a good starting point, but more advanced security measures need to be put in place to protect against malicious attacks on these devices.
WannaCry ransomware: Hackers behind global cyberattack finally cash out bitcoin windfall (ZDNet by @DannyJPalmer)
WannaCry hackers have finally cashed out on their ransom payments, all of which were in Bitcoin. Of the 338 victims that paid the Bitcoin ransom, the total amount withdrawn was $140,000 thanks to changes in the valuation of Bitcoin. Hackers choose to use cryptocurrencies like Bitcoin because it is difficult to trace the payments. There is still no official confirmation as to who was behind the attack but fingers are still being pointed at North Korea.