https://thehackernews.com/2018/05/intel-spectre-vulnerability.html

Additional vulnerabilities in Intel’s chip. Same design flaw as Spectre. As the industry finds more vulnerabilities, chip makers do not know if the patches will cause performance issues.

In a case of too stupid not to share Commonwealth Bank lost 12 million customers’ data including their financial histories from 2004 to 2014 but this wasn’t your normal breach. The magnetic tape backups just went missing. They hired a company to destroy the backups and no one has any idea what happened after they left the storage facility. They hired KPMG to help track them down after police were unable to find anything who, after a lengthy search, concluded that the tapes were most likely destroyed. This just highlights the fact that physical security and chain of custody is really important.

https://gizmodo.com/major-bank-loses-12-million-customers-data-in-the-most-1825711247

For the very first time, security researchers have discovered an effective way to exploit a four-year-old hacking technique called Rowhammer to hijack an Android phone remotely.

Dubbed GLitch, the proof-of-concept technique is a new addition to the Rowhammer attack series which leverages embedded graphics processing units (GPUs) to carry out a Rowhammer attack against Android smartphones

 

https://thehackernews.com/2018/05/rowhammer-android-hacking.html

 

https://venturebeat.com/2018/04/15/mcafee-26-of-companies-have-suffered-cloud-data-theft/

With the advent of cloud storage, many companies have come to trust this storage method and transferred crucial information from their hard-drives to the ‘cloud’. However, not everyone is equally impressed!

In its third annual meeting on cloud security, leading cybersecurity firm McAfee presented a thrilling report on the security risks pertaining to cloud storage. The report stated that about 26 percent of companies using cloud storage have faced data thefts.

According to the words of Raj Samani, the chief scientist at McAfee “This year’s study demonstrates that there are firms ramping up cloud adoption and increasing investment to manage the risks, and conversely a larger number of organizations that are taking a more cautious approach,”

http://www.itpro.co.uk/national-cyber-security-centre-ncsc/30926/ncsc-unveils-new-cyber-attack-classification-system

In order to enforce a more efficient mechanism to fight cyber crimes and fortify cybersecurity, the National Cyber Security Centre (NCSC) has announced the launch of a new cyber categorization system. The purpose of this new categorization would be to classify the various cyber attacks in accordance with a list of priority.

The NCSC, which is the leading cyber defense body in the UK, believes that based on the nature of the attacks, once the priorities are set, it would be easier for law-enforcing agencies to plan their move. In his statement, Paul Chichester, the director of NCSC said: “This new joint approach, developed in partnership with UK law enforcement, will strengthen the UK’s ability to respond to the significant, growing and diverse cyber threats we face”.

It was stated at the RSA Conference 2018 that “If cybercrime was a country, it would have the 13^th highest GPA in the world.” Attackers generate $1.5 trillion in annual profit, which is about equal to the GDP of Russia. The $1.5 trillion that cybercriminal generate each year includes $860 billion in illicit online markets, $500 billion in theft of trade secrets and intellectual property, $160 billion in data trading, $1.6 billion in crimeware-as-service-, and $1 billion in ransomware. Evidence has show that cybercrime often generates more revenue than actual companies. It is time to start thinking that cybercrime is more like a business.

 Additionally, it was mentioned that more 620 new drug types have appeared in the market since 2005. Many of these drugs are created in China or India, purchased online, and sent to Europe in bulk. There has been evidence that shows that groups earning revenue from cybercrime are also involved in drug production. Taking a look at the dark web, one can find listings for illegal drugs, toxic chemicals, malware, and stolen and fraudulent data.

https://www.darkreading.com/vulnerabilities—threats/cybercrime-economy-generates-$15-trillion-a-year/d/d-id/1331613

Cyber-attackers are turning to tools that automate the process of finding and hijacking vulnerable servers, a study has found…

http://www.bbc.com/news/technology-43788337