Skip to main content
Welcome to the Weekly Webroot Digest!#HappyFriday

 

This is a weekly series to highlight the best articles and news stories going on in the Community. 

What was your favorite story? What topics would you like to see? Sound off in the comments! :)

 



Cyber News Rundown: 2017 Year in Review

As 2017 comes to a close, we’re looking back at the 10 most significant (or simply the most devastating) cybersecurity stories of the year. 

 

Check out the full list of attack, data breaches, and other security-related events!

 



Malicious mobile apps fool consumers by imitating leading brands

By impersonating brands and fooling consumers, malicious mobile apps are on the increase, according to digital threat management leader RiskIQ in its latest Q3 mobile threat landscape report.

 

"Securing the mobile app ecosystem continues to be a challenge for app stores of all sizes, but efforts to improve version control, monitor for abuse, employ verification techniques, and offer security education can help," says Mike Wyatt, director of product operations at RiskIQ. "Tracking the use of brand names and likeness is an equally daunting challenge for corporations. Brands should evaluate and implement solutions that constantly monitor their digital footprint online and in mobile app stores."

 

Check out the full report!

 



 

Tech Support Scammers Invade Spotify Forums to Rank in Search Engines

Over the past few months, Tech Support scammers have been using the Spotify forums to inject their phone numbers into the first page of the Google & Bing search results. They do this by submitting a constant stream of spam posts to the Spotify forums, whose pages tend to rank well in Google.



 

BleepingComputer was alerted to this problem by security researcher Cody Johnston who started to see an alarming amount of tech support scam phone numbers being listed in Google search results through indexed Spotify forum posts. The tech support scams being posted to Spotify include Tinder, Linksys, AOL, Turbotax, Coinbase, Amazon, Apple, Microsoft, Norton, McAfee and more.

 

BleepingComputer has the story!

 



New Spider Ransomware Comes With 96-Hour Deadline

A new ransomware strain called Spider is targeting victims located in the Balkans in what is called a “mid-scale” campaign.

 

The Spider ransomware is unique in that attackers are given a 96-hour deadline to pay. Attackers also attempt to calm victims, assuring them the ransom payment and file recovery process will be “really easy.” Attackers go one step further and provide a link to a video tutorial on how the Spider ransomware payment and file recovery process works.

 

Threatpost has you covered!

 



Phishers Are Upping Their Game. So Should You.

Not long ago, phishing attacks were fairly easy for the average Internet user to spot: Full of grammatical and spelling errors, and linking to phony bank or email logins at unencrypted (http:// vs. https://) Web pages.

 

According to stats released this week by anti-phishing firm PhishLabs, nearly 25 percent of all phishing sites in the third quarter of this year were hosted on HTTPS domains — almost double the percentage seen in the previous quarter.

 

Krebs has the full scoop for you!

 

What was your favorite story of the week?

What stories or topics would you like to see covered next week?

 

Sound off in the comments and let us know! 

Be the first to reply!

Reply