Welcome to this week’s security review, including news of a returning Ray-Ban scam that has spread from social media to email. Also this week, we look at ransomware threats stepping into the void left by TeslaCrypt, and bring you the news that Facebook founder Mark Zuckerberg’s social network accounts were accessed without permission. Wait until you hear what his password was.
Catch up on all that and the rest of the week’s security news below.
Ray-Ban scam returns: Now targeting emails and Facebook
Back in April we reported news of a prominent Facebook scam attempting to lure victims with the promise of cheap sunglasses. Now, it’s back. The latest iteration of this Ray-Ban scam is bigger than before, moving from Facebook to include email and instant messaging apps too. ESET’s Lukas Stefanko provides the information and advice you need to steer clear of the threat.
Crimeware: Malware and massive campaigns around the world
Cases of malware and crimeware incidents are reported daily around the world. Indeed, the number of reports, detections and threats grows constantly – and 2015 was no exception. Pablo Ramos looks back over the past year and notes a change in the types and aggressiveness of attacks around the world, as cybercriminals continue to find new ways to reach users.
Beyond TeslaCrypt: Crysis family lays claim to parts of its territory
It’s been two weeks since ESET created a TeslaCrypt decryptor, which allows victims of the ransomware to get their files back. Since then, over 32,000 users around the globe have downloaded the tool, but new ransomware threats have emerged since. Ondrej Kubovič looks at the Crysis family of ransomware laying claim to TeslaCrypt’s former territory.
Infrastructure attacks: The next generation
Six years on from the Stuxnet phenomenon that dominated the threat landscape in 2010, what can be learned? In the aftermath of this complex and ‘game-changing’ threat, ESET’s senior research fellow David Harley revisits his original research and asks what it means for the computer security and control systems industry today.
Mark Zuckerberg’s social media accounts accessed
Various social media accounts belonging to Mark Zuckerberg have been accessed without his permission or knowledge, including Twitter, LinkedIn and Pinterest. Although it appears that Facebook systems and accounts weren’t among the breached networks, Mr Zuckerberg’s security practices have been questioned; his password across LinkedIn, Twitter and Pinterest was purportedly “dadada”.
Fake websites offer overpriced Euro 2016 tickets
The UEFA Euro 2016 tournament may have kicked off last Friday, but fans on the ground are still on the lookout for last minute tickets. This can be fertile ground for cybercriminals, and ESET was able to find multiple malicious websites offering tickets – quite possibly fake – for up to €3,500. ESET’s Ondrej Kubovič advises what to watch out for if you’re hoping to secure a ticket for this year’s tournament.