3 January 2020
2019
Exclusive — Hacker Steals Over 218 Million Zynga 'Words with Friends' Gamers Data
Swati Khandelwal
https://thehackernews.com/2019/09/zynga-game-hacking.html
Excerpt:
“A Pakistani hacker who previously made headlines earlier this year for selling almost a billion user records stolen from nearly 45 popular online services has now claimed to have hacked the popular mobile social game company Zynga Inc.”
CSM-ACE the right platform to address cyber security issues: Gobind
Excerpt:
“The 2019 Cyber Security Malaysia - Awards, Conference & Exhibition (CSM-ACE) - which kicked off today with the theme, “Cyber Defence” is the appropriate platform in addressing various issues to protect sensitive information and to safeguard assets.”
Malindo Air says traced data leak to India, suspects ex-staff of e-commerce partner
Emmanuel Santa Maria Chin
Excerpt:
“A security breach that resulted in millions of Malindo Air customers’ information being leaked online last week was executed by a former staff of e-commerce partner GoQuo (M) Sdn Bhd, the airline said today.”
Malindo Air investigating customer data breach
Derek Yong Zher
https://www.thestar.com.my/news/nation/2019/09/18/malindo-air-investigating-customer-data-breach
Excerpt:
“Malindo Air is investigating a recent compromise with the personal data of Malindo Airways passengers stored on “a cloud-based environment”, says Malindo Air in a statement Wednesday (Sept 18).”
Police have called in more than 70 people over KLIA systems glitch
Farik Zolkepli
Excerpt:
“Police have recorded statements from more than 70 people in connection with the systems glitch at Kuala Lumpur International Airport (KLIA), says Comm Noor Azam Jamaludin.”
German cops arrest suspects in raid on darknet server
https://www.dw.com/en/german-cops-arrest-suspects-in-raid-on-darknet-server/a-50600895
Excerpt:
“Seven have been arrested and a darknet server shut down after a raid in western Germany. The suspects are under investigation for trafficking weapons, drugs and child sex abuse images.”
Confidential data of 24.3 million patients discovered online
https://www.helpnetsecurity.com/2019/09/18/confidential-patient-data/
Excerpt:
“Greenbone Networks has released details of new research in to the security of the servers used by health providers across the world to store images of X-rays as well as CT, MRI and other medical scans.”
European police arrest Dark Web counterfeit currency traders
Charlie Osborne
https://www.zdnet.com/article/european-police-arrest-dark-web-counterfeit-currency-traders/
Excerpt:
“Europol has announced the arrest of members of one of Europe's most prolific counterfeit currency networks.”
Hackers who hit Texas with ransomware attack demanded $2.5 million, got nothing
Graham Cluley
Excerpt:
“In the early morning of Friday August 16th 2019, hackers managed to infiltrate the networks of 22 local government organisations in Texas via a third-party services provider, planting ransomware that encrypted data and disrupting business-critical services.”
Global security screening systems market to reach $12.2 billion by 2024
https://www.helpnetsecurity.com/2019/09/06/security-screening-systems-market/
Excerpt:
“The global security screening systems market was worth $7.9 Billion in 2018, according to ResearchAndMarkets.”
Most citizens are against local governments paying ransomware attackers
https://www.helpnetsecurity.com/2019/09/06/governments-paying-ransomware-attackers/
Excerpt:
“Nearly 80% of US citizens are increasingly worried about ransomware attacks on cities – yet more than half are still hesitant to have city governments put forth the funds to fight off hackers or implement cybersecurity defenses to help protect against attacks in the first place, according to a survey conducted by Morning Consult on behalf of IBM.”
Google to pay $170 million for violating children’s privacy on YouTube
https://www.helpnetsecurity.com/2019/09/05/youtube-coppa-violation/
Excerpt:
“Google and its subsidiary YouTube will pay a record $170 million to settle allegations by the Federal Trade Commission (FTC) and the New York Attorney General that the YouTube video sharing service illegally collected personal information from children without their parents’ consent.”
JSWorm: The 4th Version of the Infamous Ransomware
Pierluigi Paganini
https://securityaffairs.co/wordpress/90811/malware/jsworm-4-ransomware-analysis.html
Excerpt:
“The ransomware attacks have no end. These cyber weapons are supported by a dedicated staff that constantly update and improve the malware in order to make harder detection and decryption. As the popular GandCrab, which was carried on up to version 5 until its shutdown, also other ransomware are continuously supported with the purpose of creating revenues for cyber criminals. One of them is JSWorm, which has been updated to version 4.”
Facebook leak contained phone numbers for 419 million users
Napier Lopez
Excerpt:
“Another month, another Facebook data breach. As reported by TechCrunch, security researcher Sanyam Jain was able to locate an online database containing phone numbers linked to user IDs for over 419 million Facebook users.”
CEO ‘Deep Fake’ Swindles Company Out of $243K
Lindsey O'Donnell
https://threatpost.com/deep-fake-of-ceos-voice-swindles-company-out-of-243k/147982/
Excerpt:
“In the first known case of successful financial scamming via audio deep fakes, cybercrooks were able to create a near-perfect impersonation of a chief executive’s voice – and then used the audio to fool his company into transferring $243,000 to their bank account.”
Ransomware gang wanted $5.3 million from US city, but they only offered $400,000
Catalin Cimpanu
Excerpt:
“A ransomware gang tried to extract a ransom payment of an unheard-of sum of $5.3 million from the city of New Bedford, Massachusetts, but the city chose to restore from backups after hackers rejected a smaller counter-offer of only $400,000.”
Hackers earn nearly $2 million in bounties during HackerOne’s live hacking event
https://www.helpnetsecurity.com/2019/09/04/hackerone-h1-702/
Excerpt:
“HackerOne, a hacker-powered pentesting and bug bounty platform, announced hackers earned more than $1.9 million in bounties during Las Vegas live hacking event, dubbed h1-702. Hackers found and reported 1,000 security flaws for participating companies.”
How fraud prevention tech can save banks €10M a year
https://www.helpnetsecurity.com/2019/09/04/fraud-prevention-tech/
Excerpt:
“A typical European bank, serving 10 million customers, could save up to €10 million annually and avoid growing fines by the regulator by implementing technology to improve the ‘Know Your Customer’ (KYC) processes, according to new research from Mitek and Consult Hyperion.”
XKCD Forum Hacked – Over 562,000 Users’ Account Details Leaked
Mohit Kumar
https://thehackernews.com/2019/09/xkcd-forum-hacked.html
Excerpt:
“XKCD—one of the most popular webcomic platforms known for its geeky tech humor and other science-laden comic strips on romance, sarcasm, math, and language—has suffered a data breach exposing data of its forum users.”
Cardholders still dropping the ball when it comes to basic ID theft prevention
https://www.helpnetsecurity.com/2019/09/03/basic-id-theft-prevention/
Excerpt:
“Four in 10 people with a credit or debit card have provided their full Social Security number in an online form in the past month, according to a new report from CompareCards, as Americans continue to wrestle with how best to combat identity theft two years after the Equifax data breach.”
How to reduce the attack surface associated with medical devices
Zeljka Zorz
https://www.helpnetsecurity.com/2019/09/03/medical-devices-attack-surface/
Excerpt:
“As the number of connected medical devices continues to rise, so does healthcare organizations’ attack surface.”
German bank loses €1.5 million in mysterious cashout of EMV cards
Catalin Cimpanu
https://www.zdnet.com/article/german-bank-loses-eur1-5-million-in-mysterious-cashout-of-emv-cards/
Excerpt:
“Criminals have stolen more than €1.5 million ($1.65 million) from a German bank by cloning customer debit cards and then cashing out user funds across Brazil, despite the original cards being protected by EMV (chip-and-PIN) technology.The thefts happened last week and involved the customers of German bank Oldenburgische Landesbank (OLB).”