Welcome to this week’s security review, which includes ESET releasing a new decryptor for TeslaCrypt ransomware, new revelations about a 2012 LinkedIn data breach and expert insight into Operation Groundbait.

ESET releases new decryptor for TeslaCrypt ransomware

ESET announced a decryptor for TeslaCrypt, a ransomware that has been described as being “notorious”. It was revealed that, following the announcement from TeslaCrypt’s operators that it was ceasing its activities with this, one of ESET’s analysts got in touch with the group. The universal master decryption key was requested and, “surprisingly, [it] was made public”. “This allowed ESET to create a free decrypting tool promptly, which is able to unlock files affected by all variants of this ransomware,” ESET stated in a WeLiveSecurity article.

Millions of people compromised by 2012 LinkedIn data breach

data breach at LinkedIn

It emerged that a LinkedIn data breach from 2012 was far bigger than previously thought. An unknown individual going by the moniker Peace said that he had in his possession over 117 million usernames and passwords, which were available for purchase. LinkedIn said: “We have demanded that parties cease​ making stolen password data available​ and will evaluate potential legal action if they fail to comply.”

Operation Groundbait: Espionage in Ukrainian war zones

ESET’s Robert Lipovsky and Anton Cherepanov discussed the recent discovery of a cyberespionage operation in Ukraine – Operation Groundbait. They revealed that what makes this different from other similar attacks – such as BlackEnergy and Operation Potao Express – is “that it has mostly been targeting anti-government separatists in the self-declared Donetsk and Luhansk People's Republics”.

Cybercrime on the rise as economic crime ‘goes digital’

cybercrime

Economic crime has gone digital, explained a report from PwC, which went on to say that the threat of cybercrime continues to widen. One of the concerns highlighted by the authors is that organizations tend to be unaware that they have been attacked, with cybercriminals able to “remain on organizations’ networks for extended periods of time without being detected”. Part of this is down to the fact that many enterprises still consider cybercrime an “IT problem”.

Privacy and security fears – predictably – impact US online commerce

Commenting on a recent study from the National Telecommunications and Information Administration, which reported that “Americans are increasingly concerned about online security and privacy”, ESET’s Stephen Cobb was keen to highlight the significance of the results: “The US government has admitted things are going downhill in cyberspace, and published solid statistical evidence to back that claim.”

Location-tracking apps ‘breach of European data protection law’

data protection

European data protection law is being compromised by at least three location-tracking apps, with US-based Runkeeper considered to be the worst offender, the Norwegian Consumer Council revealed. “According to the Data Protection directive, controllers must limit the length of time they store and process personal data,” it stated. “Data may only be kept for as long as it is relevant. Apps such as Runkeeper should therefore not continue to store personal data long after a user has stopped using the service.

Expect the unexpected: The importance of audit logging

In the final part of her series on the Four “A”s of Account Management, ESET’s Lysa Myers discussed the importance of audit logging, which records attempted or completed actions. She said: “When implemented thoughtfully, audit logging can be a very effective way to make sure your access policies are living – and continuously updated – documents that reflect the reality of the way your users interact in your environment.”