Top 10 Stories

Scientists at the University of Washington in Seattle, have successfully been able to code a malware program into a DNA sample and use it to hack into a computer that was studying it. By doing this, they have exposed a weakness in systems that could lead to hackers taking control of computers in research centres, universities and laboratories, reports MIT technology review. Researchers are calling this the first "DNA-based exploit of a computer system." View...

Russian cybersecurity firm Kaspersky Lab has dropped an antitrust legal complaint against Microsoft after the US technology giant agreed to give anti-virus vendors greater control over how their software will be compatible with future versions of its Windows OS. In June 2017, Kaspersky Lab filed legal cases against Microsoft in both the European Commission and the German Federal Cartel Office, alleging that it was taking advantage of its own "dominant position in the computer operating...

Blighty's Information Commissioner’s Office has whacked TalkTalk with a £100,000 fine after the data of the records of 21,000 people were exposed to fraudsters in an Indian call centre. The breach came to light in September 2014 when TalkTalk started getting complaints from customers that they were receiving scam calls. Typically, the scammers pretended they were providing support for technical problems. They quoted customers’ addresses and TalkTalk account numbers. View Full Story  ORIGINAL SOURCE: The...

Salesforce has fired its director of offensive security and another senior staff member after they gave talk at the Defcon security conference talk in Las Vegas last month. Josh Schwartz, director of offensive security based in San Francisco, and John Cramb, senior offensive security engineer in Sydney, Australia, worked on the cloud giant's security "red team," which launches offensive attacks against the company from within to test its cyber posture and defenses View Full Story...

Microsoft's decided not to support digital certificates issued by Chinese outfits WoSign and StartCom, but the first-mentioned CA disputes the decision. Google, Apple and Mozilla binned WoSign certs in 2016. Microsoft says it has now “... concluded that the Chinese Certificate Authorities (CAs) WoSign and StartCom have failed to maintain the standards required by our Trusted Root Program.” View full Story ORIGINAL SOURCE: The Register

Through a large malspam campaign, Locky is back and currently being heavily distributed worldwide. While Locky was at one point considered the largest distributed ransomware, over time it became much more common to see other ransomware such as Cerber, Spora, and now even GlobeImposter. While it is too soon to tell if this is just another brief surge or an attempt to become a large player again, what we do know is that this particular...

The number of emails carrying malware increased to a new high in July with one in every 359 emails carrying a malicious payload, according to Symantec's July Intelligence Report. July also saw increases in the number of phishing attempts and spam, but the increasing use by cybercriminals of email to spread malware took center stage reaching a level not seen since December 2016. The rate of infected emails in July was one in 359, up...

The email hoaxer who previously duped Trump administration officials, as well as the governor of Bank of England, has tricked yet another high profile individual into engaging in an email exchange. UK home secretary Amber Rudd is reportedly the latest victim of the email prankster who goes by the pseudonym Sinon Reborn. The prankster reportedly posed as a senior Downing Street official to trick Rudd into responding to emails. Rudd reportedly disclosed that she was...

The UK government has announced that businesses providing essential services like energy and transport could be fined as much as £17m or 4 per cent of global turnover for failing to have effective cyber security measures in place. The proposals from the Department for Digital, Culture, Media & Sport satisfy requirements under the EU Network and Information Systems (NIS) Directive, which comes into effect next May. Critical infrastructure firms will also be required to show...

In a new report examining cybersecurity trends for the quarter, it sounds like “ransomware” — emphasis on the air quotes — will remain very much in vogue through 2017. The last few months saw some major malware moments, most notably the WannaCry and NotPetya (a.k.a. ExPetr/Nyetya/Petya) attacks. Kaspersky Labs’ quarterly report suggests that the trend is likely here to stay for now, as waves of increasingly sophisticated hacks further the veiled aims of shadowy individual...