17 Security breaches Worldwide – Week 26, 2019
Be informed about the latest 17 Security breaches Worldwide, identified and reported publicly during Week 26, 2019. As these security-related breaches have a severe negative impact on any business, consider a security AUDIT to prevent any similar cases.
- Malware called Silex has been targeting numerous IoT devices.
- What is interesting is that the author is a 14-year old who goes by the handle Light Leafon. The malware exploits the default credentials and deletes any storage and configuration settings. Over 2,000 devices have been bricked in the span of a few hours. Attacks still ongoing. New Silex malware is bricking IoT devices, has scary plans
- The Chinese state-sponsored hacking group APT10 has compromised numerous technology service providers in a campaign labeled Cloud Hopper.
- Trend Micro reported on this in April, this current news story filled in details about their techniques at a series of attacks at Swedish telcom giant Ericsson. Many victims aren’t clear about what confidential data was stolen. Operation Cloud Hopper: What You Need to Know and Inside the West’s failed fight against China’s ‘Cloud Hopper’ hackers
- Third-party web trackers are proliferating, according to a new analysis.
- There are an average of 21 trackers per web page and Google, Facebook and Twitter are the most popular sources. Almost every ecommerce login page is at risk of leaking credentials to these trackers. Detecting the Hidden Behaviors of Externally Controlled Tools and Scripts (pdf)
- Hacking groups are targeting hotel WiFi networks because they are a rich data source.
- This report follows some of their exploits used by a white hat pen testing group. Back doors to your personal data can be found in everything from smart fish tanks to Wi-Fi pineapples. The Hotel Hackers Are Hiding in the Remote Control Curtains
- Argos is a major UK retailer that was a frequent phishing lure last year.
- Those attacks have continued, according to researchers. This post dissects the phished messages, showing the various tells such as a spoofed origination address, hidden URLs and copies of the company’s logos and email templates. The messages have eluded detection on some gateways. Phishing Attacks on High Street Target Major Retailer
- A personal post from security researcher Robert Heaton. He received a very convincing email request to judge an academic prize.
- Fortunately for him he viewed the email in Chrome; had he been using Firefox, he would have been hit with a zero day piece of malware hidden in that email. I was 7 words away from being spear-phished
- A new FireEye report shows a recent spike in URL-based HTTPS phishing attacks
- Why phishers are using HTTPS links in their lures. FireEye has noted this trend in a recent report and they expound on how it has made the lures more believable. If you get a message with just a link and no other content, don’t be tempted to click on it. HTTPS Phishing: The rise of URL-based attacks
- Beware of those “security consultants” that are marking up ransom demands and paying them on your behalf.
- This sting caught Red Mosquito Data Recovery in its net. We recently wrote about two U.S. firms that promised high-tech ransomware solutions but instead paid the cyber-attacker. A U.K. company appears to do the same. Sting Catches Another Ransomware Firm — Red Mosquito — Negotiating With “Hackers”
Discover trending and viral stories about Security breaches Worldwide. The remaining Security breaches made news headlines. All these happened just last week.