News broke this morning that ransom attacks on MongoDB databases revamped over the weekend after an apparent pause. According to the security researchers Dylan Katz and Victor Gevers, three new groups appeared on the threat landscape and hijacked over 26,000 servers. One of them, in particular, is responsible for hijacking 22,000 machines. Security experts commented below. Tony Rowan, Chief Security Consultant at SentinelOne: “In many cases, the data stored and accessed in these MongoDB databases is going to be the lifeblood of the business so attack groups are going to continue to go after them, especially if the data owners fail to protect that data effectively. As we…
ISBuzz Team
News broke this morning that Taringa, a Reddit-like social network website for Latin American users has suffered a massive data breach in which 28 million accounts of registered users have been stolen. Andrew Clarke, EMEA Director at One Identity commented below. Andrew Clarke, EMEA Director at One Identity: “The reported breach at Taringa highlights some fundamental issues. The fact that an administrative file holding passwords was accessible demonstrates little or no control over privileged accounts. Then the passwords were easily cracked since the company used a weak MD5 (128-bit) algorithm rather than SHA-256. And the user passwords were not enforced by a…
Henry Seddon, VP EMEA at Duo Security: “The findings reveal that universities – staff and students – make popular targets for these attacks, which leaves them vulnerable to all kinds of security risks. The challenge is that phishing attacks are increasingly sophisticated – a targeted spear phishing attack can be particularly difficult to spot – but they can ultimately compromise the security of the entire network. They open the doors to hackers, with stolen credentials, to access an organisation’s system virtually undetected, posing as an authorised user. Worryingly, phishing is now the most popular way of delivering ransomware onto an organisation’s…
Following the news about 9,400 US Fed Security Clearance Employees’ Info Leaked, IT security experts commented below. Lisa Baergen, APR, MMC, Marketing Director at NuData Security: “All data breaches are serious for those individuals and organizations concerned, but this breach is particularly concerning given the status of the affected parties. Data that is stolen during a breach will most likely end up for sale on the dark web, and this data is no different. The personal information of US citizens with top secret clearance for sale on the dark web is potentially disastrous and could attract attention from major criminal organizations…
It has been reported that Instagram has revealed a flaw in its systems revealed “a number of” stars’ phone numbers and email addresses to cyber-attackers.The Facebook-owned social network has emailed verified members, usually prominent figures, to let them know. It said it believed “one or more” attackers had targeted high-profile stars to get their contact information. Instagram said passwords had not been stolen but warned users to watch for suspicious activity on their accounts. IT security experts are commented below. Mark James, Security Specialist at ESET: “There is one thing that anyone in the IT business will tell you- is if you use, create,…
According to the latest news, the U.S. Food & Drug Administration (FDA) has identified serious cybersecurity vulnerabilities in the patch of ‘Abbott’ implantable cardiac pacemakers. As a result, more than 450,000 devices need to be reprogrammed, and several of the vulnerable models have been recalled in the US. Kaspersky Lab has been investigating the problem of smart medicine, revealing the high level of vulnerability that results from an ever-increasing number of medical devices connected to data systems. Denis Makrushin, Security Researcher at Kaspersky Lab commented below. Denis Makrushin, Security Researcher at Kaspersky Lab: “Vulnerabilities in smart medical devices such as pacemakers…
The researchers have found five holes in the firmware running on Arris modems, three of which are hardcoded backdoor accounts. An attacker could use any of these three accounts to access and take over the device with elevated privileges — even root — install new firmware, and ensnare the modem in a larger botnet. According to Nomotion, the flaws are found in both the standard Arris firmware, but also in the extra code added on top by OEMs. In their research, experts looked at an Arris modem installed on the network of AT&T. Tod Beardsley, Research Director at Rapid7, commented…
The US Food and Drug Administration (FDA) is recalling nearly half-a-million pacemakers from St Jude Medical (now Abbotts) after finding at the beginning of this year that the devices could be hacked. Leading cyber security experts have had their comments on the news. Cesare Garlati, Chief Security Strategist at the prpl Foundation: “With IoT, the main cause for concern is security. IoT has developed rapidly and is now being used in all facets of life, which is why improvements in security need to be made now, especially when human lives depend on the IoT medical devices for survival. Failure to do so will lead…
A number of companies nowadays seem to be unperturbed by the rash of malware attacks that have occurred in recent months. Even certain system administrative and security tools have been compromised in incidents of new-generation malware wreaking havoc in various countries worldwide. Email security provider Proofpoint, in its quarterly report, cited: “Threat actors appeared to double down on smaller, more targeted campaigns with banking Trojans and information stealers. At the same time, mobile and social threats continued to evolve, drawing more people to phishing pages and malicious software.” During the first quarter of the year, more than four times as…
This week, MacEwan University in Canada lost $9.5million due to a spear phishing attack. A write up by the BBC explained that, “fraudulent emails convinced staff at MacEwan University that one of its clients was changing its bank account details. Staff then paid money into the fraudulently created account”. In response to this, Levine, former CISO for two Fortune 500 companies, and current Security Advisor to Wombat Security Technologies commented below. Alan Levine, Security Advisor at Wombat Security Technologies: “The kind of scam that victimized MacEwan University is becoming all too prevalent, and the impact can be hugely significant both…
