The Latest 19 Security breaches Worldwide – Week 11, 2019

Latest Security breaches Worldwide - Week 11, 2019

19 Security breaches Worldwide – Week 11, 2019

Be informed about the latest 19 Security breaches Worldwide, identified and reported publicly during Week 11, 2019. As these security-related breaches have a severe negative impact on your business, consider a security AUDIT to prevent any similar cases.

  • Container security is focused on the wrong processes.
    • Instead of hardening container-to-container communications, we need to be thinking about more holistic issues, such as poisoned containers, overall operational issues, and certifying images. That argument and more can be found in this post from my colleague Lori MacVittie. Operational Security is Critical for Container Safety

  • Researchers propose two new AI-based technologies to help in malware detection.
    • One is called an adversarial autoencoder, which can help create new samples of malware code. The other uses semantic hashing to better study the malware behavior and find repeated code segments. Both are explained further in this post. A Machine Learning Model to Detect Malware Variants

  • Google is adding an option to disable SMS as a second authentication factor in G Suite.
    • This means you can have the best of both worlds: an admin can enforce MFA on accounts but still allow users to deploy authentication apps or hardware keys that are more secure. The policy is enforced across your entire domain and will be rolled out over the next couple of weeks to all G Suite customers. Disable SMS or voice codes for 2-Step Verification for more secure accounts

  • Researchers have discovered a new campaign targeting Elasticsearch sites.


Protect your WordPress: BEFORE IT’S TOO LATE! You will also protect your customers, your reputation and your online business!

Discover trending and viral stories about Security breaches Worldwide. The remaining Security breaches made news headlines. All these happened just in the last 7 days.

  • POS-based malware is getting more adept.
    • First is one called DMSniff, which is now targeting POS systems in retail chains. It uses an algorithm to generate command servers dynamically. This blog post dissects its operation; IT managers should watch for SSH brute force attacks and abnormal Windows processes. Second is the one called GlitchPOS, which is so simple to use and comes with its own setup video. It looks like a game (see screencap below) and has been tracked to a very active POS malware author. Various security tools can block this one. ‘DMSniff’ POS Malware Actively Leveraged to Target Small-, Medium-Sized Businesses and GlitchPOS: New PoS malware for sale.

  • Report on hacked websites using this vendor’s telemetry showed an eight percentage point increase in CEO spam from last year.
    • WordPress still remains one of the most popular compromised sites. Speaking of which, this handy how-to shows you what you need to do to bring your WordPress blog up to using SSL. Hacked Website Trend Report – 2018

  • This handy reference guide explains the level of privacy available with various security tools, such as VPNs, anonymous browsing sessions, and privacy-enhanced search engines.

  • Two Kiev-based app developers have been sued by Facebook. The social networking company claims they have created malware-infested extensions to their platform.

  • Another open MongoDB database was hacked, this one containing API calls for Dalil, a Saudi caller ID app.



Get Healthy, Stay Healthy: A healthier online business starts today and it begins with you!

Do you have any concerns with Security breaches? Leave your thoughts in the comments below!

Related Posts

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.