The City of Greenville, NC is held up under ransomware, Yahoo's multi-million dollar breach settlement, potentially easier Android security updates and more in This Week in Cyber Security: where we highlight select top cyber security stories from each week and share them here. Don't forget to follow our daily blog for more in-depth cyber security and technology news.

The Week of April 12th, 2019:

  • Microsoft released new updates that include fixes for over 70 vulnerabilities across their various products, two of which are zero-day flaws. The two vulnerabilities, CVE-2019-0803 and CVE-2019-0859, reside within a component that exists across all versions of Windows, and can be involved in remote access of an infected workstation by an attacker. Consult your system administrator or IT contact about this share of patches before deployment. (Recorded Future)
  • After their massive data breach in 2013, Yahoo has offered a $117 Million settlement to the associated class-action lawsuit. The settlement breaks down to roughly $55M for the victims, $24M for the 2 years of credit monitoring, and the rest dispersed for legal fees and other expenses. When the projected amount of affected Yahoo uses from the breach was exposed in 2017, its parent company, Verizon, set a goal to spend over $300 Million on cybersecurity over the next four years, reportedly more than 5 times the amount that Yahoo spent from 2013 to 2016. (InfoSec Magazine)
  • Mozilla is currently beta testing a new ability within Firefox to block crypto mining and fingerprinting tracking software. Following the path of fellow web browsers such as Safari and Brave, this upcoming initiative is a collaboration with Disconnect, a program that uses a VPN service to secure HTTP and DNS connections and block tracking requests. Mozilla is looking to enable the new service protection by default in a future release. (CNET Security)
  • This week, the City of Greenville, NC was the victim of a massive ransomware attack called “Robbinhood.” While the police investigation was in process and damage was being remedied, the city had to shut down the majority of its servers, including ones used by police, fire, and rescue. As of now, the attack has been contained, the FBI is involved with the investigation and the restoration is still in progress. Public officer Brock Letchworth stated that the attack has affected all Greenville city departments and the city refuses to divulge the amount of the demanded ransom. (WCTI-12 News, WNCT 9 News, @GreenvilleGov – Twitter)
  • Researchers from the website 9to5Google have discovered code that could lead to Google potentially issuing Android system updates directly through the Play Store. This could be significant not only for ease of updating, but also in the speed of delivery for security patches. This could fit right in with Google’s Project Treble initiative, which is being made to assist Android manufacturers in getting security updates for their custom OS released quicker to avoid potential vulnerabilities. (Digital Trends – 9to5Google)

neoRhino’s Remote Managed Services and Advanced Security Packages are here so you can focus on your daily duties. You can relax knowing that we are here to protect you. Call us at (281) 779-4850 for a FREE consultation and we can help your business today.