» Tripwire researchers warned of cyberscammers using robo calls to contact potential victims during the holiday season and then posing as Microsoft tech support in order to gain access to a victim’s computer and load malware.
» The hacktivist group Anonymous set its sights on ISIS and Donald Trump, claiming it had taken down a Trump Tower website via a distributed denial of service attack in response to the billionaire presidential candidate’s heated rhetoric and call to ban all Muslims from entering the U.S. The group also claimed to have taken down 5,500 pro-ISIS Twitter accounts.
» Macro malware was once again on security professional’s radar in a big way impacting at least 100,000 people through phishing scams since it began its resurgence earlier this year, said Intel Security. The malware saw its heyday in 1999 when it was first observed and known as the Melissa virus.
» FireEye spotted the financial threat group FIN1 targeting payment card data using sophisticated malware dubbed “BOOTRASH” that executes before the operating system boots and modifies the legitimate system Volume Boot Record, hijacking the system boot process to begin loading its malware ecosystem components, dubbed Nemesis.
» A linen services company in New Hampshire pleaded guilty to hacking into the computer server of a similarly named, but smaller competitor. General Linen Services pleaded guilty under U.S. Code Title 18, Section 1030, for taking over 1,000 invoices from a local competitor via that company’s computer system in an effort to steal customers, according to the Federal Bureau of Investigation.
» The Atlanta-based SecureWorks, a cybersecurity business unit of Dell, put in the paperwork with the U.S Securities and Exchange Commission on Thursday to initiate an IPO.
» The Federal Trade Commission approved a $100 million settlement with LifeLock over a 2010 contempt charge, the largest such payout in FTC history. The FTC said LifeLock violated the terms of a 2010 federal court order that required the company to secure consumers’ personal information and prohibits the company from deceptive advertising.
» Facebook became the latest in a line of firms that has ditched insecure Flash in favor of HTML5 for all its videos. However, the social network will continue to use the technology in games on the website and said it would work with Adobe, the firm behind Flash, to improve reliability and security.
» Akamai reported there were 1,510 DDoS attacks, for a 180 percent increase, compared to the same period last year, but found out that on average the attack length was shorter with a lower volume level than in the past. For the period in question an average DDoS attack lasted 18.86 hours, down from 22.36 hours with peak attack volume 89 percent lower this year.
» The Office of Personnel Management got hammered yet one more time for breaches that laid the agency low last year as a report from the Inspector General’s office took it to task for the way it awarded a contract to a firm charged with providing identity protection services to those affected by the hacks.