16 Mar Cyber Security News Wrap-up #6

It’s time for our Weekly Cyber Security News Wrap-up. Here are the stories that caught out eye this week (10th March-16th March):

a) The world’s largest cryptocurrency exchange, Binance, is offering $250,000 as a reward for anybody with information regarding an attempted hack on the company from the previous week. The company has also dedicated a total of $10,000,000 US in cryptocurrency for future bounties.

b) Following the introduction of the Notifiable Data Breaches Scheme earlier this year, the first public notification has come to surface. Shipping company Switzer has announced a data breach affecting almost half of its workforce. For almost a year, emails from 3 Australian employees were secretly auto-forwarded to an address outside of the company. Lost information includes tax file numbers, superannuation account numbers and names of family.

c) Microsoft offers bug bounties following Spectre and Meltdown flaws. The bounty program means researchers can earn up to $250,000 AUD for finding new categories of speculative execution attacks. Microsoft hoped the program will “encourage research into the new class of vulnerability and the mitigations Microsoft has put in place to help mitigate this class of issues”.

d) The Trump administration is blaming Russia for 2 years worth of cyber attacks on American power grid, which included nuclear facilities. According to the FBI, the attacks targeted networks where they staged “malware, conducted spear phishing, and gained remote access into energy sector networks”.