The Latest 19 Security breaches Worldwide – Week 10, 2019

Latest Security breaches Worldwide - Week 10, 2019

19 Security breaches Worldwide – Week 10, 2019

Be informed about the latest 19 Security breaches Worldwide, identified and reported publicly during Week 10, 2019. As these security-related breaches have a severe negative impact on your business, consider a security AUDIT to prevent any similar cases.


  • This firm has developed the Pwn Index, a score for the price of leaked data from breaches.

  • The Lime RAT malware has been involved in some new phishing campaigns.

  • Every day Zimperium detects 600M wireless threats using its software tools.

  • This is one of the best explainers on Mimikatz that I have seen.
    • It is a popular hacking tool that is also used by defenders. For example, it was part of the NotPetya and BadRabbit attacks. It leverages the Windows SSO to harvest credentials. It also has several tips on how you can defend against its misuse, such as hardening the Local Security Authority to stop code injections and turning off debugging privileges. What is Mimikatz? And how to defend against this password stealing tool

  • 12 Ways to Hack 2FA
    • Passwords are finally being left behind in favor of two-factor (2FA) and multifactor (MFA) authentication. Some vendors are promoting “unhackable” 5FA solutions. It’s all a lie. All authentication solutions can be hacked. Come learn at least 12 ways 2FA can be hacked, how 2FA really works behind the scenes, what the holes are, how to hack it and how you can defend against those attacks. 12 Ways to Hack 2FA

  • Report by academic researchers examines the role played by criminal use of SSL certificates that are sold across the dark web.

  • A new report from 4iQ looks at the past year’s top 12 breaches.
    • The six “Collections” was in the top spot. For the first time, underground data brokers are actively including in their offerings citizen data, such as voter data. There is some good news: the number of leaky devices is slowly on the decline. IDENTITIES IN THE WILD: THE LONG TAIL OF SMALL BREACHES

  • This is an interesting study about what kinds of authentication security is required when a user in distress calls 35 different support centers.

  • Symantec has a new report on the Whitefly malware that is targeting Singaporean users.

 


Protect your WordPress: BEFORE IT’S TOO LATE! You will also protect your customers, your reputation and your online business!

Discover trending and viral stories about Security breaches Worldwide. The remaining Security breaches made news headlines. All these happened just in the last 7 days.


  • A total of 45,000 patients of the Rush Medical System patients may have been compromised in a data breach.

  • A report that examines three million mobile apps running on half a million devices shows how they have been compromised by various attacks.
    • It covers threats to apps, to networks, and to the overall device OS itself. Most of the phony malicious apps are trying to steal data (see the bar chart below) or manipulate the actual device itself. More than half of mobile apps examined have data leak issues and other vulnerabilities. Also, phishing attacks have shifted over to the mobile space lately. MOBILE SECURITY REPORT


  • The latest report from the Anti-Phishing working group is out.
    • For the final quarter of 2018, the number of phishing attacks hosted on Web sites that have SSL certificates declined for the first time in history. Half of the originating domains that are used for phishing are the new generic ones such as .XYZ and .ONLINE. Phishing Activity Trends Report


  • Over the weekend, Palestinian hackers used DNS poisoning to infect web-based widgets with ransomware in popular Israeli news websites, such as YNETNEWS.
    • The injected code misfired, however. The malicious file – a.k.a flashplayer_install.exe – appears to be a ransomware, i.e. malware that encrypts all of your files and then asks for a ransom in exchange for the decryption key. This sample is another example of malware that shows the hackers put a lot of effort into bypassing the AV and other protections. THREAT RESEARCH BLOG POST – OpJerusalem FlashInstaller Ransomware

  • Chronicle, the Google/Alphabet subsidiary that was launched last year, introduced Backstory yesterday.
    • Customers can upload their security telemetry logs to their cloud-based service and analyze them for threats. Many existing security tools offer this, but not at scale. Pricing wasn’t made public, but you can sign up for a webinar to learn more here.



 


 

Get Healthy, Stay Healthy: A healthier online business starts today and it begins with you!

Do you have any concerns with Security breaches? Leave your thoughts in the comments below!

Related Posts

Leave a comment

Do NOT follow this link or you will be banned from the site!