Things move fast in the world of infosec. Here are the most significant stats and stories you need to know this week:
WikiLeaks dropped a bombshell this week with the publication of what they claim to be the lion's share of the CIA's hacking tools and techniques. While the scope and apparent veracity of the Vault 7 leak is certainly staggering, the majority of reactions have been rather breathless. This summary from The Register provides more level-headed perspective. • Read More
Researchers have stumbled across a massive database of 1.4 billion emails addresses belonging to one of the biggest spammers in the world. While the exposure of that many personal records is incredibly unnerving, the leak has also exposed numerous IP addresses and other critical components of the spammers’ infrastructure, which has allowed anti-spam organization Spamhaus to blacklist their network. • Read More
According to a new report, the number of Dark Web services has dropped to roughly 4,400, a steep decline from an estimated 30,000 found in April 2016. Researchers are attributing the drop to the hacktivist takedown of Freedom Hosting II, a Dark Web hosting service that was discovered providing service to websites hosting images of sexually abused children. •Read More
The Dark Web isn't completely kaput. Criminals looking for credentials to leverage now have over one million to choose from, and they're being sold for cheap. The asking price for 500,000 Gmail accounts is 0.0219 Bitcoins ($28.24). • Read More
The flaw allows an attacker to make malicious requests to an Apache webserver and have it execute. Administrators are urged to patch their systems immediately. • Read More
This week's stories from the Barkly blog
On February 15, employees for Bingham County, Idaho, discovered they were locked out of crucial systems involved in dispatching emergency responders. Things got worse from there.
A new spike in Samsam ransomware attacks is catching organizations off guard, taking advantage of open ports and weak credentials to infect victim servers. Get more details behind the attacks along with tips for how to protect your organization. • Read More
A recent wave of "invisible" fileless malware is forcing companies to ask, "How do you stop what you can't see?"
In case you missed it, earlier this week our malware research team took to Slack to answer the biggest questions surrounding fileless malware, from how they work to what you can do to stop them. • Read More
This week's "A little something good"
When you work in infosec, there's plenty of bad news to get lost in. Each week, we're going to showcase a story that reminds us of all the incredible, unexpected, ingenious ways technology is being used for good, not evil.
Every year, a fleet of automated robots rolls into St. Paul, Minnesota with one clear objective: annihilate all other "snow bots" by plowing pathways for humans.
This year marked the seventh time the Annual Autonomous Snowplow Competition — "like Battle Bots, but with more parkas and no remote controls" — has taken place. If you're into radio beacons, lasers, and the occasional decorative deer skull, this should be right up your alley.
That's a wrap for this week. Have a great weekend and stay frosty!
Feature image: Mike Holmes