There’s a lot that happens in the security world, with many stories getting lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week.

Human Error Remains Top Security Threat

In a study conducted over the course of 3 years by the Information Commissioner’s Office, it was found that security breaches due to human error were the number one issue, with the number of reported issues growing steadily year-over-year. While many companies have been increasing the amount of security precautions in regards to cyber attacks, most of them do not see human error as the real problem and thus provide no additional cybersecurity training for their employees.

University of Calgary Pays High-Dollar Ransom

In the past week, the University of Calgary was hit with a ransomware attack that left them with few options. In the end, they ended up paying the nearly $20,000 ransom in hopes of regaining their important files and keeping their systems functional. Fortunately for students and faculty, the decryption keys have been successful, but there still remains much left to do to protect against future attacks.

Social Media Hacks On The Rise

Recently, many high-profile Twitter and other social media accounts have been hacked, including the official NFL Twitter account and Mark Zuckerberg’s seemingly unused account. The hacker behind the NFL breach claims to have had access to an NFL Social Media Staffer’s email that contained the login information for the @NFL  account, although it’s unclear exactly how that access was gained.

http://arstechnica.com/security/2016/06/nfls-breached-twitter-account-falsely-claims-commissioner-goodell-is-dead/

Game Torrents Redirecting to PUA Downloads

Many people who download pirated copies of games are aware of the risks involved, as some of these downloads have the possibility to contain malicious software. However, a current trend across torrent sites is instead to bundle potential unwanted applications (PUAs) with legitimate game titles and have the file launch an executable rather than the zipped game files. Once the user allows the download, some variants are capable of silently downloading additional PUAs onto the machine without further notifications to the user.

Microsoft’s Anti-Macro Efforts Missing Target

With macro-based infections continuously on the rise, Microsoft has made an attempt to secure its users through the use of more messaging, which warns of macros launching out of Word or Excel documents. Unfortunately, the wording of these warnings has changed for the worse since early iterations of the Office Suite. Where once the messages warned users of possible malicious content and aimed them away from enabling the macro, they now show an almost cheerful dialog box with options only to enable the macro or ignore the bright yellow bar atop the screen.

http://www.cso.com.au/article/601455/microsoft-office-macro-malware-warnings-failed-users/
Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This