This Week in Security News: Rules and Regulation

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, House lawmakers approved legislation for securing technology used to power critical infrastructures from cyberattacks.

Read on to learn more. 

The New Face of Necurs: Noteworthy Changes to Necurs’ Behaviors

Six years after it was first spotted in the wild, the Necurs malware botnet is still out to prove that it’s a malware chameleon.  We recently discovered noteworthy changes to the way Necurs makes use of its bots, such as pushing infostealers on them and showing a special interest in bots with specific characteristics.

Cryptocurrency-Mining Bot Targets Devices With Running SSH Service via Potential Scam Site

The practicality of cryptocurrency mining on devices connected to the internet of things (IoT) is often a questionable matter in terms of computing power. Be that as it may, we’ve nonetheless seen miscreants targeting connected devices and even offering cryptocurrency malware in the underground.

Digging into the New ePrivacy Regulation: Balancing Privacy and Progress

After GDPR’s implementation, discussions have not waned as enterprises anticipate the impact of a proposed legislation to secure electronic communications — the ePrivacy Regulation (ePR).

House Passes Bill to Addressing Industrial Cybersecurity

House lawmakers approved legislation that aims at securing technology used to power critical infrastructure from cyberattacks.

Hospitality Industry Under Attack for Credentials, PII Theft

The study found that fake accounts and intrusions via botnets targeting hotel, airline, cruise, and travel websites have increased in particular countries.

Black Hat: Cybersecurity Is More Than A Tech Problem

A recent report by Black Hat on the current state of cybersecurity shows how experts are bundling issues such as personal privacy, politics, business, ethics and risk into the overall cybersecurity package.

Voice Data of 5.1 Million People Collected and Stored by UK Tax Authority

The U.K. privacy advocate group Big Brother Watch published a report about the biometric data — specifically voice data — collection practices of HM Revenue and Customs (HMRC).

A Quarter of UK Businesses Think Their Cybersecurity Isn’t Up to Scratch

A report recently released by the London Office for Rapid Cybersecurity Advancement shows that more than half of UK’s large businesses have suffered a cybersecurity attack in the past 12 months.

Phishing Emails Sidestep Microsoft Office 365 Filters Using ZeroFont

The technique, called ZeroFont, involves the manipulation of text font sizes to trick O365’s natural language processing, a tool that identifies malicious emails.

Do you think the new House bill will help successfully mitigate threats to cybersecurity for critical infrastructure technology? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

Read More HERE