Catch up on the past week’s cybersecurity news.

In this week’s Cyber Resilience News, we explore companies falling into the same cycles of problems when it comes to email-borne attacks. It turns out many organizations don’t bolster their security after attacks, and a survey found that even though healthcare workers are aware of the risks, they still share sensitive information from unsecured email practices.

Meanwhile, world events continue to be shaped by the threat of cyberattacks. There’s an expectation among experts the ongoing FIFA World Cup will be hit by an attack, and reporters who took home free USB-powered fans from the Trump-Kim summit may be in for a rude awakening.

  1. 20-year-old email bug is used to spoof signatures: Here's how to protect yourself, via TechRepublic
    • Several popular email encryption tools have been found to be vulnerable to spoofed signature attacks for decades, according to an advisory post published by Marcus Brinkmann, lead developer of NeoPG, on Wednesday.
  2. The email problem no one is talking about: Mistaken identity, via Mashable
    • Cases of mistaken identity like this are becoming more common as more people around the globe acquire email addresses — and more of their correspondents misremember or mistype them. But so far as we know there are no email providers, much less start-ups or security researchers, working to solve the problem. Unlike with spam, there isn't even a catchy name for it.
  3. Even after multiple cyberattacks, many businesses fail to bolster security. Here's what you need to do, via Inc.
    • Small businesses suffered a barrage of computer invasions last year but most took no action to shore up their security afterward, according to a survey by insurer Hiscox. Only about half of small businesses said they had a clear cybersecurity strategy, the report found. And nearly two-thirds said they didn't bolster their security after an attack.
  4. Hackers who sabotaged the Olympic games return for more mischief, via Ars Technica
    • The advanced hacking group that sabotaged the Pyeongchang Winter Olympics in February has struck again, this time in attacks that targeted financial institutions in Russia and chemical- and biological-threat prevention labs in France, Switzerland, the Netherlands, and Ukraine, researchers said.
  5. Adidas phishing campaign promises free shoes, offers $50 subscription instead, via SC Magazine
    • Threat attackers lure victims with a message suggesting Adidas is giving away 2,500 pairs of shoes to celebrate its 69th anniversary and a homographic link spoofing the appearance a legitimate Adidas website albeit a vertical line with no dot in place of where the “i” would be. Other brands using similar lures and URL spoofs were also exploited in the malicious campaign.
  6. Survey finds healthcare workers understand security measures, but still share sensitive information through non-secure email, via National Law Review
    • According to reports on a recent survey, the vast majority of healthcare workers share sensitive medical information using non-secure email. The survey, conducted by Kickstand Communications, reportedly found that 87% of healthcare workers surveyed admitted to this practice. 
  7. World Cup cyberattack likely, experts say, via Dark Reading
    • Nearly three quarters of security professionals think some type of cyberattack on the upcoming 2018 FIFA World Cup is a sure thing, a new study shows. More than 70% of security pros surveyed by Lastline expect attackers to target network infrastructure of the World Cup, either via a denial-of-service (DDoS) or social media breach. 
  8. Journalists covering the Trump-Kim summit were given free USB fans — but security experts warn they may be Trojan horses full of malware, via Business Insider
    • Journalists covering President Donald Trump's meeting with North Korean leader Kim Jong Un in Singapore this week were given free USB-powered fans as a gift. Security experts say anyone who plugs the fans in is at risk of getting hacked.
  9. Why cryptomining is the new ransomware, and businesses must prepare for it, via TechRepublic
    • For years, ransomware has been the bane of the enterprise, with cyber criminals literally holding data hostage unless a ransom is paid. Some verticals in the enterprise can breathe a sigh of relief, however, because now there is less ransomware in play, but individuals and small businesses are the newest target as cryptomining becomes the hottest trend in cyberattacks.

Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

You may also like:

How Does the GDPR Data Breach Notification Work?

The way you prevented data breaches has …

The way you prevented data breaches has changed forever. The… Read More >

Jake O'Donnell

by Jake O'Donnell

Global Editorial Content Manager

Posted Jun 06, 2018

Augment your Cyber Resilience Strategy with NextGen SIEM

Improve Response and Proactively Detect …

Improve Response and Proactively Detect Email Threats with t… Read More >

Michael Euperio

by Michael Euperio

Director of Technology Alliances at LogRhythm

Posted May 08, 2018

State of Cybersecurity Research Report

Mimecast & Vanson Bourne Survey 800 …

Mimecast & Vanson Bourne Survey 800 IT decision makers a… Read More >

Alison Raymond Walsh

by Alison Raymond Walsh

Senior Manager Public Relations

Posted May 02, 2018