Oh, fore putt’s sake: Golf org PGA bunkered up by ransomware attack just days before tournament (The Register)

The Register: Oh, fore putt’s sake: Golf org PGA bunkered up by ransomware attack just days before tournament. “The Professional Golfers’ Association of America (PGA) was hit by ransomware just before one of the sport’s biggest pro events, which teed off on Thursday. Scrambled files on its infected computers include “creative materials” for this week’s PGA Championship as well as next month’s Ryder Cup, Golf Week reported.”

Krebs on Security: The Year Targeted Phishing Went Mainstream

Krebs on Security: The Year Targeted Phishing Went Mainstream. “It has never been easier for scam artists to launch convincing, targeted phishing and extortion scams that are automated on a global scale. And given the sheer volume of hacked and stolen personal data now available online, it seems almost certain we will soon witness many variations on these phishing campaigns that leverage customized data elements to enhance their effectiveness.”

Techdirt: Inspector General Says NSA Still Hasn’t Implemented Its Post-Snowden Internal Security Measures

Techdirt: Inspector General Says NSA Still Hasn’t Implemented Its Post-Snowden Internal Security Measures. “The NSA was going to make sure no one could just walk out of work with thousands of sensitive documents. It laid out a plan to exercise greater control over access and fail safe procedures meant to keep free-spirited Snowdens in check. The NSA is the world’s most powerful surveillance agency. It is also a sizable bureaucracy. Over the past half-decade, the NSA has talked tough about tighter internal controls. But talk is cheap — at least labor-wise. Actual implementation takes dedication and commitment. The NSA just doesn’t have that in it, according to a recent Inspector General’s report.”

The Register: How hack on 10,000 WordPress sites was used to launch an epic malvertising campaign

The Register: How hack on 10,000 WordPress sites was used to launch an epic malvertising campaign . “Security researchers at Check Point have lifted the lid on the infrastructure and methods of an enormous ‘malvertising’ and banking trojan campaign. The operation delivered malicious adverts to millions worldwide, slinging all manner of nasties including crypto-miners, ransomware and banking trojans.”

TechCrunch: Google follows in Apple’s footsteps by cleaning up its Play Store

TechCrunch: Google follows in Apple’s footsteps by cleaning up its Play Store . “Google is cracking down on the apps published to the Play Store. An updated version of the company’s Developer Policy, released this week, indicates the company will now ban a wider variety of apps including cryptocurrency miners, those selling firearms and accessories, those that aim to trick children into downloading adult-themed apps, and apps built using automated tools or wizard services, or based on templates.”

Krebs on Security: State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China

Krebs on Security: State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China. “Here’s a timely reminder that email isn’t the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned.”