3 January 2020
2019
List of data breaches and cyber attacks in July 2019 – 2.2 billion records leaked
Luke Irwin
https://www.itgovernance.co.uk/blog/list-of-data-breaches-cyber-attacks-in-july-2019
Excerpt:
“Remember after last month’s relatively serene cyber security scene we said this wasn’t the beginning of the GDPRevolution?”
North Carolina County Lost $1.7 Million in BEC Scam
Lawrence Abrams
https://www.bleepingcomputer.com/news/security/north-carolina-county-lost-17-million-in-bec-scam/
Excerpt:
“After falling for a BEC scam, Cabarrus County in North Carolina lost $1,728,082.60 after sending $2.5 million to scammers pretending to be contractors building the county's new high school.”
Former AWS Engineer Arrested as Capital One Admits Massive Data Breach
Jason Corcoran
https://threatpost.com/aws-arrest-data-breach-capital-one/146758/
Excerpt:
“More than 100 million customers have had their data compromised by a hacker after a cloud misconfiguration at Capital One.”
Capital One breach: Info on 106 million customers compromised, hacker arrested
Zeljka Zorz
Excerpt:
“Capital One, one of the largest banks in the United States by assets, has announced that it has suffered a massive data breach affecting the personal and financial information of some 106 million individuals in the U.S. and Canada.”
The rise of biometrics and passwordless security
Bojan Simic
https://www.helpnetsecurity.com/2019/07/29/biometrics-passwordless-security/
Excerpt:
“Whether you realize it or not, our current era of mobile and cloud computing can be defined, both positively and negatively, by shared secrets.”
Current methods for anonymizing data leave individuals at risk of being re-identified
https://www.helpnetsecurity.com/2019/07/26/anonymizing-data-risk/
Excerpt:
“With the first large fines for breaching GDPR upon us, even anonymized datasets can be traced back to individuals using machine learning, researchers from University of Louvain and Imperial College London have shown.”
Ransomware attack leaves Johannesburg residents without electricity
Zeljka Zorz
https://www.helpnetsecurity.com/2019/07/26/ransomware-johannesburg/
Excerpt:
“A ransomware attack aimed at City Power, the electricity provider for Johannesburg (aka Joburg), South Africa, has resulted in some residents temporarily without power.”
Brazilian banking users exposed by 250GB data leak
Angelica Mari
https://www.zdnet.com/article/brazilian-banking-users-exposed-by-250gb-data-leak/
Excerpt:
“An unprotected server belonging to a Brazilian financial services provider has exposed a massive batch of data from customers of various local banks, security experts have found.”
Johannesburg Electricity Provider Falls Victim to Ransomware Attack
David Bisson
Excerpt:
“A company responsible for providing electricity to the South African city of Johannesburg disclosed that it fell victim to a ransomware attack.”
Employees overestimate the efficacy of their workplace’s email security strategy
https://www.helpnetsecurity.com/2019/07/25/enterprise-email-security-strategy/
Excerpt:
“22 percent of businesses have experienced a data breach – defined as loss of confidential data or credentials, compromised account loss, or fraudulent financial transactions – due to an email-based attack in the past three months, according to GreatHorn.”
Cyberthreats targeting municipalities are on the rise
https://www.helpnetsecurity.com/2019/07/23/cyberthreats-targeting-municipalities/
Excerpt:
“Through the first half of 2019, a growing number of municipalities across the US were hit with crippling ransomware attacks, while several large companies disclosed data breaches that exposed more than 625 million records.”
How to steal a million (of your data)
Alexander Eremin
https://securelist.com/how-to-steal-a-million-of-your-data/91855/
Excerpt:
“Any user data — from passwords for entertainment services to electronic copies of documents — is highly prized by intruders. The reason is simply that almost any information can be monetized. For instance, stolen data can be used to transfer funds to cybercriminal accounts, order goods or services, and, if the desire or opportunity is lacking to do it oneself, it can always be sold on to other cybercrooks.”
FSB hackers drop files online
Danny Bradbury
https://nakedsecurity.sophos.com/2019/07/23/fsb-hackers-drop-files-online/
Excerpt:
” A hacking group that distributed files stolen from a Russian contractor to the media last week has published some of the documents online. After posting tweets taunting the Russian government, Digital Revolution exposed 170Mb of files relating to secret projects on a file-sharing server.”
Phishing attack: Students' personal information stolen in university data breach
Danny Palmer
Excerpt:
“Hackers have stolen personal data of prospective and current students at Lancaster University after gaining access to databases that contained personal information -- with victims now the targets of additional cyberattacks.”
Hacked Bluetooth hair straighteners are too hot to handle
John E Dunn
Excerpt:
“What do cigarettes, candles, and faulty electrical appliances have in common with one another? The answer is they are among the top causes of house fires in countries such as the US and UK. However, it seems there is another often overlooked cause that should be near the top of the fear list – hair straighteners.”
Kazakhstan government is now intercepting all HTTPS traffic
Catalin Cimpanu
https://www.zdnet.com/article/kazakhstan-government-is-now-intercepting-all-https-traffic/
Excerpt:
“Starting Wednesday, July 17, 2019, the Kazakhstan government has started intercepting all HTTPS internet traffic inside its borders.”
New satellite constellations aim to improve IoT connectivity options
https://www.helpnetsecurity.com/2019/07/17/satellite-iot-connections/
Excerpt:
“By 2024, there will be 24 million IoT connections made via satellite, ABI Research reveals.”
As cyber attacks increase, the cloud-based database security market grows
https://www.helpnetsecurity.com/2019/07/17/cloud-based-database-security-market/
Excerpt:
“The cloud-based database security market is expected to register a CAGR of 19.5% over the forecast period 2019-2024, according to ResearchAndMarkets.”
Hacker steals data of millions of Bulgarians, emails it to local media
Catalin Cimpanu
https://www.zdnet.com/article/hacker-steals-data-of-millions-of-bulgarians-emails-it-to-local-media/
Excerpt:
“A mysterious hacker has stolen the personal details of millions of Bulgarians and has emailed download links to the stolen data to local news publications.”
Engineer flees to China after stealing source code of US train firm
Charlie Osborne
https://www.zdnet.com/article/engineer-flees-to-china-after-stealing-source-code-of-us-train-firm/
Excerpt:
“Insider threats are a common problem for companies now increasingly reliant on computers and electronic systems, with the risk of intellectual property theft a constant worry. “
U.S. Coast Guard Issues Safety Alert Following Cyber Incident
Sergiu Gatlan
Excerpt:
“The U.S. Coast Guard issued a marine safety alert including cybersecurity guidance following a cyber incident experienced by a deep draft vessel during February which affected the ship's entire network.”
Are humans ready for AI to take control of digital security?
https://www.helpnetsecurity.com/2019/07/09/ai-control-digital-security/
Excerpt:
“Just over a quarter (26%) of people in EMEA would prefer their cybersecurity to be managed by AI rather than a human, an online study conducted by Palo Alto Networks and YouGov alongside Dr Jessica Barker reveals.”
British Airways is facing £183 million fine for 2018 data breach
Zeljka Zorz
https://www.helpnetsecurity.com/2019/07/08/british-airways-data-breach-fine/
Excerpt:
“The UK Information Commissioner’s Office (ICO) wants British Airways to pay a £183.39 million (nearly $230 million) fine for failing to protect personal and financial information of approximately 500,000 of its customers.”
Eight people are arrested in Hong Kong over cyberattacks against police as the city copes with the aftermath of anti-government protests
Excerpt:
“Hong Kong police said today they had arrested eight people for stealing and disclosing personal information of officers online as the city grapples with the aftermath of unprecedented anti-government protests that saw its parliament ransacked.”
Hacker in DDoS attacks on Daybreak Games gets two years in prison
Owen S. Good
https://www.polygon.com/2019/7/3/20680975/soe-hacker-sentenced-derptrolling-austin-thompson-utah
Excerpt:
“Another hacker behind attacks on Daybreak Game Company, then known as Sony Online Entertainment, is going to prison. Austin Thompson of Utah will be behind bars for the next 27 months, the U.S. Attorney’s Office for the Southern District of California announced Tuesday.”