Weekly Recap of Cybersecurity News 10/27

In case you missed it, here are some of the biggest stories in cybersecurity from the past week!

U.S. warns public about attacks on energy, industrial firms
The U.S government issued a rare public warning about hacking campaigns targeting energy and industrial firms, the latest evidence that cyber-attacks present an increasing threat to the power industry and other public infrastructure. Read More

Hackers are targeting schools, U.S. Department of Education warns
When Superintendent Steve Bradshaw first received a threatening text message in mid-September, he didn’t know it was coming from a hacker trying to exploit his Montana school district. Read More

Hackers are attacking power companies, stealing critical data: Here’s how they are doing it
Attackers are particularly interested in industrial control systems — and they’re still at it right now. Read More

Cosmetics Brand Tarte Exposed Personal Information About Nearly 2 Million Customers
Tarte Cosmetics, a cruelty-free cosmetics brand carried by major retailers like Sephora and Ulta, exposed the personal information of nearly two million customers in two unsecured online databases. Read More

Cybersecurity pros targeted in latest attack by Group 74
The threat actor known as Group 74 has initiated a new campaign that uses a malicious Visual Basic for Applications (VBA) macro embedded in a document advertising the Cyber Conflict U.S. Conference (CYCON) to target people interested in cybersecurity issues. Read More

Bad Rabbit ransomware: A new variant of Petya is spreading, warn researchers
Updated: Organisations in Russia, Ukraine and other countries have fallen victim to what are thought to be a new variant of ransomware. Read More

Bad Ethereum heist: New phishing scam sees hackers rake in over $15,000 in just two hours
A new Ethereum phishing campaign, targeting users of the online Ethereum wallet website Myethereumwallet.com, has been uncovered. The scam saw hackers make away with over $15,000 (£11,308) in just two hours. Read More

Hackers Prepping IOTroop Botnet with Exploits
Hackers moved one step closer to launching full-scale DDoS attacks using millions of IoT devices herded into the botnet known as Reaper or IOTroop. Read More

McAfee says it no longer will permit government source code reviews
U.S.-based cyber firm McAfee said it will no longer permit foreign governments to scrutinize the source code of its products, halting a practice some security experts have warned could be leveraged by nation-states to carry out cyber-attacks. Read More

Equifax Was Warned
Last year, a security researcher alerted Equifax that anyone could have stolen the personal data of all Americans. The company failed to heed the warning. Read More

Security researchers call for calm after DHS warns of energy grid hacking
A government security alert about foreign hackers probing the networks of U.S. energy companies frightened casual observers, but security experts say the report provided little more than an update on relatively well-known activity and behavior. Read More

Kaspersky: NSA staffer’s laptop was infected with malware
The Russian cybersecurity company releases details from its internal investigation into an NSA hack, which it’s accused of being behind. Read More

APNewsBreak: Georgia election server wiped after suit filed
A computer server crucial to a lawsuit against Georgia election officials was quietly wiped clean by its custodians just after the suit was filed, The Associated Press has learned. Read More

UK government: North Korea was behind the WannaCry cyber-attack that crippled health service
“North Korea was the state we believe was involved in this worldwide attack on our systems,” U.K. Security Minister Ben Wallace said Friday. Read More

Anonymous Attacks Spanish Government Sites
Hacktivist group Anonymous has been firing up its DDoS cannon again, this time aiming it at Spanish government websites, in support of Catalan independence. Read More

Security flaw in LG IoT software left home appliances vulnerable
LG has updated its software security after researchers found flaw that left dishwashers, washing machines, air conditioners, and even a robot vacuum cleaner accessible by hackers. Read More