JANUARY 12 2017 A new kind of ransomware comes with its own referrals program one that you probably wouldnt want to join The malware dubbed Popcorn Time locks your Windows computers files with strong AES256 encryption until you a pay a ransom of one bitcoin or 780 at the time of wr ID: 647684
Download Presentation The PPT/PDF document "DATA BREACH SIMULATION TRAINING" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
DATA BREACH SIMULATION TRAININGJANUARY 12, 2017Slide2Slide3Slide4Slide5
A new kind of ransomware comes with its own "referrals" program, one that you probably wouldn't want to join
.
The malware dubbed "Popcorn Time" locks your Windows computer's files with strong AES-256 encryption, until you a pay a ransom of one bitcoin (or $780 at the time of writing
)
But this ransomware comes with a twist. The lock screen will let victims unlock their files the "nasty way" by sharing a link with two other people -- presumably ones the victim doesn't like. If they become infected and pay, then the original victim will receive a free decryption key
.Otherwise, infected users have seven days to pay the bitcoin ransom to an anonymous wallet.Slide6Slide7
Steve Ragan
| December 13, 2016 Slide8Slide9
Robert
Hackett
Updated
: Nov 30,
2016
“The
“
Gooligan
” hackers infected 13,000 phones on average each
day.”Slide10Slide11Slide12Slide13Slide14Slide15Slide16
Defenseless against H
ackers…
11/18/2016 - In
late September, Springfield Armory received a report from a payment card network that it had noticed a pattern of unauthorized charges occurring on payment cards after they were used to make a purchase on its website. Following an investigation by the Company, it was determined that an unauthorized person gained access to the web server and installed code that was designed to copy information entered during the checkout process. Such information included order ID, name, address, email address, phone number, payment card number, expiration date and card security code, from orders placed between October 3, 2015 and October 9,
2016…Slide17
Officials
in multiple states are warning that
emails inviting lawyers to click on a hyperlink to view a complaint will
open a website that installs malicious software or on the lawyer’s computer, if the link is clicked.Officials in New York, Texas, Pennsylvania, Maryland and Florida are among those warning about the scam. Lawyers who received such an email should delete it immediately and should not click on the link, according to a press release by New York Attorney General Eric
Schneiderman.
Don't click! Lawyers get fake emails about a complaint; hyperlink installs malicious software
Schneiderman’s
press release and the Texas Bar Blog provide an example of one of the phishing emails. The “from” header lists “The Office of the State Attorney at com.department@outlook.com.” The subject lists “The Office of the State Attorney Complaint
.”
“Dear bar member,” the email begins. “A complaint has been filed against your business. Enclosed is a copy of the complaint which requires your response. You have 10 days to file a rebuttal if you so desire. You may view the complaint at the link below.”
By Debra
Cassens
Weiss
Posted Dec 05, 2016Slide18
The
ITRC currently tracks seven categories of data loss methods: Insider Theft, Hacking/ Skimming/Phishing, Data on the Move, Subcontractor/Third Party/BA, Employee error/ Negligence/Improper disposal/Lost, Accidental web/Internet Exposure and Physical Theft. Slide19
On November 23,
2016, Atlantis
, Paradise Island (the “Resort”) confirmed that
malware on its computer systems may
have captured
customers’ data (e.g
. the card number, expiration date, CVV and in some instances, cardholder name). Following
reports of
unusual activity
from
its credit card processor,
the Resort engaged a cybersecurity firm and discovered
suspicious files on its computer systems that indicated a potential compromise of customers’
data
for some credit and debit cards used at food and beverage and retail locations at the
resort
between March 9, 2016 and October 22,
2016…
Trouble in Paradise? Customers’ Payment Information Compromised …Slide20Slide21
France passes bill allowing class actions for data protection violationsSlide22
German company fined for
DPO conflict of interestSlide23
U.S. indicts three Romanians over $4 million cyber fraud
By Nate Raymond
| Sat Dec 17,
2016Slide24
German privacy authorities launch coordinated audit of international data transfers
Ten German data protection authorities (“DPAs”) will conduct a coordinated audit of cross-border data transfers at 500-randomly selected German companies. The audit was announced by the Data Protection Authorities of Bavaria and Berlin on behalf of other DPAs on 3 November 2016. The audit is aimed at raising awareness among the companies on the outbound transfers of personal data they process and data processing operations outside the European Economic Area. This includes intra-group data transfers, cloud solutions and any other transfers to third parties. The audit results can lead to a more thorough investigation and enforcement actions by the
DPAs.Slide25
Thank You