Round Up of Major Breaches and Scams
As predicted, TikTok is taking the Trump administration to court over the President’s Executive Order which will effectively ban the app in the US. The order, which was issued on August 6, alleged that the social firm’s data collection on large numbers of US citizens exposes them to Communist Party efforts to build “dossiers of personal information for blackmail, and conduct corporate espionage.”
A recent survey of 3,200 people in 524 organizations that suffered data breaches is a bit of a mixed bag. Ponemon’s “Cost of a Data Breach Report 2020” (commissioned by IBM) reveals that despite an apparent decline in the average cost of a data breach — from $3.92 million in 2019 to $3.86 million this year — the price tag was much less for mature companies and industries and far higher for firms that had lackluster security automation and incident response processes. In the same vein, Ponemon found that the average cost per record varied widely according to the kind of data that was exposed or stolen.
An investigation from AtlasVPN revealed that U.S. military personnel lost around $379.6 million to a range of fraudulent schemes from 2015 to June 30, 2020. According to the report, military staff have filed more than 680,000 complaints about fraud, identity theft, or other consumer issues with the Federal Trade Commission (FTC).
The company behind one of India’s most popular travel booking sites exposed 43GB of customer and corporate data before it was deleted by the infamous “Meow” attacker, according to researchers. A team at SafetyDetectives led by Anurag Sen discovered an Elasticsearch server without password protection or encryption on August 10. It failed to get a response from the company in question, government-backed travel marketplace RailYatri, but the database was eventually secured after contact was made with India’s national CERT (CERT-In).
Round Up of Major Malware and Ransomware Incidents
Cyber-security firm Group-IB says it identified a group of low-skilled hackers operating out of Iran that has been launching attacks against companies in Asia and attempting to encrypt their networks with a version of the Dharma ransomware. The attacks have targeted companies located in Russia, Japan, China, and India, according to a report Group-IB researchers published today.
State-sponsored threat actors and sophisticated attacks are often in the spotlight. Indeed, their innovative techniques, advanced malware platforms and 0-day exploit chains capture our collective imagination. Yet these groups still aren’t likely to be a part of the risk model at most companies, nor should they be. Businesses today are faced with an array of much more immediate threats, from ransomware and customer information leaks, to competitors engaging in unethical business practices.
For over 36 hours, the popular darknet market – Empire Market – has remained offline. This is according to a range of sources, not least the researcher and analyst Dark.fail, who has been tweeting about this blackout. Moreover, this subject has been attracting significant attention in various online forums, including the Reddit thread r/darknet and its deep web equivalent, Dread. According to Dark.fail, the blackout is a result of a distributed denial-of-service (DDoS) attack. In other words, the server was bombarded with artificial traffic.
In brief: It has not been a good week for major Canadian shipping company Canpar Express. The Canuck parcel-mover’s website fell offline for days as it tackled a ransomware outbreak on its internal systems. We are also told by readers who reside in America’s Hat that deliveries have been negatively affected – things like package tracking and scheduling pickups are not possible right now, for instance.
Round Up of Major Vulnerabilities and Patches
Nearly every enterprise these days has a critical component of their work environment powered by mobile devices. Indeed, we estimate that well in excess of 50% of workers employed mobile apps as part of their work before the current pandemic hit, and we estimate that has now increased to greater than 85% of users who work from home at least part time. With the critical nature of mobile in not only large businesses but smaller organizations as well, it’s imperative that companies maintain a secure posture for their devices and user apps.
The popular video conferencing app Zoom is currently suffering a service outage in which users are unable to join or attend Zoom meetings. According to Downdetector, a platform that reports service disruptions on online platforms, the outage is affecting users all over the United States, some parts of the United Kingdom, and Germany. It is worth noting that due to the COVID-19 pandemic there has been a sudden increase in the use of video conferencing apps including Zoom, Google Meet, and Microsoft Teams.
Research from industrial cybersecurity firm Claroty revealed that around 70% of the industrial control system (ICS) vulnerabilities discovered in the first half of 2020 can be exploited remotely. In its report titled “Biannual ICS Risk & Vulnerability Report,” Claroty evaluated over 365 ICS flaws that were added to the National Vulnerability Database (NVD) and 139 ICS advisories issued by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).