A new strain of cyberespionage malware with a dropper designed to target specific European energy companies has been discovered by SentinelOne. The researchers say the malware, “SFG,” which appears to be a predecessor of Furtim, looks stealthy, may well be the work of a nation-state, and “potentially” originated in Eastern Europe. Its role seems to be battlespace preparation.
Elsewhere in the Internet-of-things, several security firms warn that medical devices are increasingly attractive to hackers, not only for their botnet potential, but especially as a route into valuable healthcare data. And Kaspersky investigates industrial control system hosts and finds more than 90% of them vulnerable to remote exploitation. (That’s not exactly an admission against interest, coming from a security company, but it does suggest we have a problem with SCADA systems.)
InfoArmor warns that some 600,000 healthcare patient records have recently been compromised in the US. They warned the National Healthcare and Public Health Information Sharing and Analysis Center (NH-ISAC) in May. The company is expected to issue a public report later this week.
Mixed news on ransomware. The good: Check Point has a decryption tool out for Jigsaw. The bad: Cerber’s developers have produced a successor, “Alfa,” for which there’s as yet no remedy. And the other bad: “Ranscam,” the work of lazy hoods, says it encrypts its victims’ files; in fact it simply deletes them.
Use Pokémon Go with caution. It may direct you to places better left unvisited, and it really knows an awful lot about you.
A note to our readers: we'll be up in New York later this week, covering SINET's 2016 Innovation Summit on Thursday. Watch for live-Tweeting and a special issue featuring a comprehensive report on the conference.