Massive mortgage and loan data leak gets worse as original documents also exposed
Earlier this week, a security researcher found an unprotected Elasticsearch server that exposed financial data relating to tens of thousands of current and former loan- and mortgage holders in the US. The database contained converted versions of text documents mentioning names, birth dates, address details, social security numbers and other
Cloud Customers Faced 681M Cyberattacks in 2018
According to a new report by Armor, a total of 681 million cyberattacks targeted cloud customers in 2018. The most popular attack techniques employed by threat actors were exploiting software flaws; accessing accounts through by brute-forcing or through stolen login data; targeting poorly secured devices that are part of the
This malware uses debt to prey on banking victims
Security researchers with Palo Alto Networks have been tracking a malware campaign involving the distrubution of the Redaman banking Trojan through widespread malspam campaigns with varying subject lines relating to debt collection and other financial obligations. The campaign mainly targets Russian speakers, although emails containing the Trojan as an attachment have been
‘Nearly all’ American networks will be susceptible to cyberattacks
The Office of the Director of National Intelligence has released a new four-year strategy for the American intelligence community. The main topic of the road-map is cybersecurity, while the document also focuses on subjects such as counter-terrorism and counter-proliferation. “As the cyber capabilities of our adversaries grow, they will pose increasing threats
Cyberattacks fueled by geopolitical tension are increasing
A new report by Carbon Black indicates that geopolitical tensions between democratic western countries and authoritarian states such as Russia, China, North Korea, and Iran, lie at the root of an increasing number of cyberattacks. For instance, almost 50% of incident response investigations undertaken for Carbon Black customers in 2018 were
New Anatova Ransomware Supports Modules for Extra Functionality
Security researchers with McAfee have discovered a new ransomware strain dubbed Anatova. The ransomware was found disguised as a game in a peer-to-peer network. Anatova will encrypt files on infected computers and subsequently demand a ransom of around $700 in DASH cryptocurrency (10 coins). The campaign is targeting users around the globe,
Microsoft remains the most impersonated brand, Netflix phishing spikes
According to Vade Secure’s latest phishing report, the most impersonated brand in the final quarter of last year was Microsoft (again). The other brands making up the top 10 were Netflix, Paypal, Bank of America, Chase, DHL, Facebook, Docusign, Linkedin and Dropbox. Phishing messages pretending to come from Netflix increased
Global Talent Shortage is Top Emerging Risk Facing Organizations
Talent shortage has clinched the top spot in the latest version of Gartner’s Emerging Risks Survey, which is based on data from the fourth quarter of 2018. The other top entries in the list of emerging risks for businesses were accelerating privacy regulation, the rapid pace of change, lagging digitization, and misconceptions
Apple Patches Dozens of Vulnerabilities in iOS, macOS
Apple has released security patches and other fixes for a host of flaws affecting iOS, macOS, tvOS, watchOS, Safari and iCloud. Many of the 31 iOS patches fixed arbitrary code execution vulnerabilities affecting various features including Bluetooh, FaceTime and Kernel. Other iOS security flaws that were addressed could have enabled
DHS releases emergency order to prevent DNS hijacking
On Tuesday afternoon, the Department of Homeland Security ordered federal agencies to implement a variety of security measures aimed at preventing DNS hijacking attacks. As part of such attacks, threat actors target the domain name system (DNS) infrastructure that plays an essential role in directing Internet traffic, in order to redirect