IT Security Stories to Watch: Comodo Identifies Facebook Malware

Cybersecurity solutions provider Comodo Threat Research Lab has discovered a new malware attack targeted specifically at businesses and consumers that use Facebook (FB).

And as a result, Comodo tops this week’s list of IT security newsmakers to watch, followed by the University of Virginia (UVA), Cisco Systems (CSCO) and Vormetric. 

What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week’s edition of IT security stories to watch to find out:

1. Comodo releases details about Facebook malware

Comodo has identified Facebook malware that tries to represent itself as an email from Facebook that states there is a new message for the recipient.

The malware brands the sender’s email address and name as Facebook, but neither are associated with the social network, according to Comodo. 

“In this age of cyber attacks, being exposed to phishing is a destiny for every company, well-known or not. It may not be the most groundbreaking attack method cybercriminals use — but there’s no denying that cybercriminals are becoming more clever when crafting their messages,” Comodo Director of Technology Fatih Orhan said in a prepared statement. 

2. FBI informs UVA employees about data breach

The Federal Bureau of Investigation (FBI) has notified UVA employees about a data breach.

FBI officials noted the incident may have impacted approximately 1,400 UVA employees. 

“This incident is the result of a ‘phishing’ email scam by which the perpetrators sent emails asking recipients to click on a link and provide user names and passwords,” UVA said in a prepared statement. “Once the perpetrators were able to gain access to the HR system, payroll records of approximately 1,400 employees were accessed by the perpetrators.”

3. Cisco: 45% of enterprises confident about security

A new Cisco report showed only 45 percent of enterprises are confident in their security relative to today’s cyber threats.

The report also indicated many cyber attackers are using legitimate online resources to launch malicious campaigns.

“While the major trends remain essentially constant, the cumulative intelligence in the reports demonstrates how quickly attackers — with the luxury of working outside the law — innovate to exploit new security gaps,” Cisco Senior Vice President John Stewart wrote in a blog post. 

4. Vormetric: 61% of orgs. have experienced a data breach in the past year

Vormetric’s fourth annual “Data Threat Report” indicated 61 percent of senior IT security leaders said their organizations have experienced a data breach in the past year, up 22 percent on a year-over-year basis.

In addition, the report showed tools organizations spent more on tools that have been less effective at preventing data breaches, such as network defenses and endpoint or mobile, over the past year. 

“There are significant concerns about how enterprises and federal government agencies are safeguarding confidential citizen, customer and company information,” Tina Stewart, Vormetric’s vice president of global marketing, said in a prepared statement. “Organizations seem to be in denial about the risk, and are relying on tools that consistently fail against today’s multi‐layer attacks rather than adding a stronger emphasis on protecting data and valuable customer information.”

What are your thoughts on this week’s IT security stories to watch? Share your thoughts about this story in the Comments section below, via Twitter @dkobialka or email me at [email protected].