This Week in Security News: Toll Fraud & Small Business Struggles

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn why telecommunications fraud has turned into a multi-billion euro criminal industry. Also, understand what cybersecurity struggles small businesses still face after the NIST Small Business Cybersecurity Act was implemented in August.

Read on:

Safeguarding the Nation’s Critical Infrastructure

Today’s critical infrastructure vulnerability is better than it was 20 years ago, but far from adequate. There is still much that needs to be done. 

Small Businesses to Receive NIST Assistance: Overlooked Areas of the NIST Framework

As threat actors continue to act with rising sophistication and advanced attack techniques, it’s an uphill battle for protection and prevention for small businesses with limited resources and budgets. 

Trend Micro Shines a Light on Its New Cybersecurity Solutions

At its annual Trend Insights industry analyst event, Trend Micro provided an overview of its business, products and strategy.  

Best Practices for Endpoint Detection and Response

Take a closer look at detection and response, and how organizations can utilize best practices to bridge internal gaps and better ensure that key assets and the overarching network are safeguarded. 

How hacktivist groups pose a global cybersecurity threat

Andrea Little Limbago, chief social scientist at Endgame, discusses hacktivist groups, cybersecurity trends, and how we can prepare for cyberattacks with CNET’s Dan Patterson.

U.S. Begins First Cyberoperation Against Russia Aimed at Protecting Elections

American operatives are messaging Russians working on disinformation campaigns to let them know they’ve been identified. 

82% of security pros fear hackers using AI to attack their company

Artificial intelligence (AI) is poised to impact every industry in the near future—including the lucrative business of malicious hacking and the cybersecurity industry working to defend against those attacks.

Malware Targeting Brazil Uses Legitimate Windows Components WMI and CertUtil as Part of its Routine

Although the WMIC and CertUtil have been used in malware campaigns before, this attack integrates both files into its routine and adds even more anti-evasion layers.

SettingContent-ms can be Abused to Drop Complex DeepLink and Icon-based Payload

This technique shows that cybercriminals have many tools at their disposal to help them deploy an effective and complicated payload. 

Healthcare.gov Security Breach Leaks Info for 75,000 People

Healthcare.gov, the federally operated health insurance marketplace, believes that files for as many as 75,000 people were breached. 

Toll Fraud, International Revenue Share Fraud and More: How Criminals Monetize Hacked Cellphones and IoT Devices for Telecom Fraud

Developments in technology, the industry and criminal capabilities have turned telecommunications fraud into a multi-billion euro criminal industry.

Amazon Exec and Super Micro CEO Call for Retraction of Spy Chip Story

Apple, Amazon and Super Micro called for the retraction of a Bloomberg report that claimed Chinese spy chips were able to compromise their computer networks.

Do you think law enforcement, the industry or regulators will begin to address solutions to telecommunications fraud in 2019? Why or why not?

Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.