15 Security breaches Worldwide – Week 24, 2019
Be informed about the latest 15 Security breaches Worldwide, identified and reported publicly during Week 24, 2019. As these security-related breaches have a severe negative impact on any business, consider a security AUDIT to prevent any similar cases.
- What appears to be a new campaign using some elements of the Necurs botnet and DNS compromises has been seen in the UK.
- It recycles other well-known methods, such as bulk domain purchases to appear more legit. It looks like another DNS compromise hack happening
- Consumer Reports, with the help of a $6M grant from Craigslist founder Craig Newmark, is launched a new digital testing lab to better examine privacy and security issues with new products.
- An earlier effort uncovered security bugs in Samsung smart TVs that were subsequently corrected. Consumer Reports Launches New Digital Lab
- Scammers and spammers have been abusing various Google services.
- Here is a compilation, including using messages that appear to originate from Calendar notifications, fake entries in Photos, Forms used to harvest credentials and more. How spammers use Google services
- Azure is inadvertently hosting a bitcoin phishing scheme.
- It uses a phony “verify your identity” message that just harvests your credentials. This researcher complains that reporting scam sites isn’t easy, and Microsoft should simplify the process if it wants to stamp out these scammers. Bitcoin verify your Identity phishing scam hosted on Microsoft Azure hosting
- Google had two important security announcements this week.
- First, they have created a more granular API for Chrome extensions to limit their requests into your private data. Second, phones running Android v7 or above now have a built-in MFA tool. Both business and individual users with Google Accounts can use their phones to verify their logins as another physical security key. You’ll need to enable Bluetooth and also download the Google Smart Lock app. The latest news and insights from Google on security and safety on the Internet
- The Mirai botnet has been seen with a series of enhancements that make it more lethal.
- Researchers found new intended targets, including wireless presentation systems and smart home controllers. The new code also exploits Dell Kace and Oracle WebLogic servers with remote code execution attacks. New Mirai Variant Adds 8 New Exploits, Targets Additional IoT Devices
- A new take on Rowhammer has been developed by academic researchers.
- They call it RAMBleed. It can break into RAM storage and hackers can lift your encryption keys. Dan Goodin at Ars provides more context and why error-correcting memory doesn’t matter. Researchers use Rowhammer bit flips to steal 2048-bit crypto key
Discover trending and viral stories about Security breaches Worldwide. The remaining Security breaches made news headlines. All these happened just last week.