The Latest 17 Security breaches Worldwide – Week 29, 2019

The Latest 17 Security breaches Worldwide - Week 29, 2019

17 Security breaches Worldwide – Week 29, 2019

Be informed about the latest 17 Security breaches Worldwide, identified and reported publicly during Week 29, 2019. As these security-related breaches have a severe negative impact on any business, consider a security AUDIT to prevent any similar cases.

  • A bug in the Ad Inserter WordPress plugin allows authenticated attackers to remotely execute code.

  • Slack was hacked back in 2015, but new information has come to light that indicates more users’ passwords were compromised.
    • Slack has automatically reset affected users, and also urges everyone to employ MFA (which it launched back in 2015 in response to the hack) or at least have a unique password for their accounts. The company also links in its notification message to how to access login logs, which if your usage is like mine you will find less than useful. Slack resets passwords for 1% of its users because of 2015 hack

  • Researchers have discovered a massive leak that appears to originate from a third party who has access to the data from the Chinese marketing company Aliyun Computing.

  • Speaking of ransomware, this report shows the average ransom payout nearly tripled to more than $36,000, and average downtime increased from 7 to 9.6 days.

  • Attackers are starting to adopt lateral phishing techniques, according to this analysis.
    • This is when a phisher uses the hijacked account to try to compromise others in the victim’s contact list, such as fellow employees or personal addresses. In total, researchers identified 154 hijacked accounts that collectively sent hundreds of lateral phishing emails to more than 100,000 unique recipients. Threat Spotlight: Lateral Phishing

  • The Kazakhstan government is trying once again to force its citizens to install its own browser certificate.
    • No cert, no web access. The idea, originally attempted several years ago, is to be able to snoop on all HTTPS traffic. It isn’t clear if they will be successful, and also what the browser vendors will do if the goernment succeeds in getting this cert deployed across their country. Part of the problem is that if the vendors block the cert, users will have to find a browser that allows communications if they want to get any useful work done online. Kazakhstan government is now intercepting all HTTPS traffic


Protect your WordPress: BEFORE IT’S TOO LATE! You will also protect your customers, your reputation and your online business!

Discover trending and viral stories about Security breaches Worldwide. The remaining Security breaches made news headlines. All these happened just last week.

  • Russian FSB Intel Agency Contractor Hacked, Secret Projects Exposed
    • A contractor for the Russian Federal Security Service (FSB) has been hacked and secret projects that were being developed for the intelligence agency were leaked to Russian Media. These projects detail Russia’s attempt to de-anonymize users on the Tor network, collect data from social networks, and how to isolate the Russian portion of the Internet from the rest of the world. hackers stole 7.5TB of data from the contractor’s network

  • According to Belgian news reports last week, Google has been secretly recording ambient conversations around its Google Home device, even without the wake words being used.
    • Some of these recordings contain evidence of child abuse and domestic violence. Google agreed the conversations were genuine but were used to train its tools to better recognize numerous languages. They are reviewing how the data was leaked to the reporters and their various privacy safeguards. Google Home Silently Captures Recordings of Domestic Violence and More

  • Sprint said hackers broke into an unknown number of customer accounts via the “add a line” website last month.
    • They accessed PII including phone number, subscriber ID, device type, account number, billing address and other account info. They released this breach notification. Account passwords were reset. Sprint customer accounts breached by hackers

  • TrickBot has gotten more pernicious, and researchers have found it can now harvest emails from various places on your PC.



Get Healthy, Stay Healthy: A healthier online business starts today and it begins with you!

Do you have any concerns with Security breaches? Leave your thoughts in the comments below!

Related Posts

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.