The fallout from the Facebook privacy scandal rumbled on throughout April and culminated with the closure of the company at the centre of the scandal, Cambridge Analytica.
- Overview of Facebook and Cambridge Analytica
- Facebook’s Zuckerberg faces formal summons from MPs
- Facebook to contact 87 million users affected by data breach
- Canada data firm AIQ may face legal action in UK
- Facebook to vet UK political ads for May 2019 local elections
- Facebook to exclude billions from European privacy laws
Ikea was forced to shut down its freelance labour marketplace app and website ‘TaskRabbit’ following a ‘security incident’. Ikea advised users of TaskRabbit to change their credentials if they had used them on other sites, suggesting a significant database compromise.
TSB bosses came under fire after a botched upgrade to their online banking system, which meant the Spanish-owned bank had to shut down its online banking facility, preventing usage by over 5 million TSB customers. Cybercriminals were quick to take advantage of TSB’s woes.
Great Western Railway reset the passwords of more than a million customer accounts following a breach by hackers, US Sun Trust reported an ex-employee stole 1.5 million bank client records, an NHS website was defaced by hackers, and US Saks, Lord & Taylor had 5 million payment cards stolen after a staff member was successfully phished by a hacker.
The UK National Cyber Security Centre (NCSC) blacklisted China’s state-owned firm ZTE, warning UK telecom providers that use of ZTE’s equipment could pose a national security risk. Interestingly, BT formed a research and development partnership with ZTE in 2011 and had distributed ZTE modems. The NCSC, along with the United States government, released statements accusing Russia of large-scale cyber-campaigns aimed at compromising vast numbers of Western-based network devices.
- NCSC: Joint US – UK statement on malicious cyber activity carried out by the Russian government
- US-Cert Alert (TA18-106A) – Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices
NEWS
- Ikea’s Task Rabbit App hit by Cyber Security Incident
- At least 432 UK Businesses to be Affected by NIS Cyber-Security Regulation
- TSB ‘Data Breach’ amid Online Banking Upgrade Chaos
- Great Western Railway Accounts Breached
- NHS Website Defaced by Hackers
- Equifax Data Breach cost hits £175 million – £91 million insured
- Sun Trust Ex-Employee Stolen 1.5 Million Bank Clients
- Ransomware Infects Ukraine Energy Ministry Website
- UK National Cyber Security Centre Blacklists one of China’s State-Owned ZTE
- 1.5bn Sensitive Files are Exposed on the Internet – Digital Shadows
- Almost 3 Million EU citizens hit by Facebook Data Breach
- Saks, Lord & Taylor Staff Phish lead to an up to 5 Million Payment Card Data Breach
- Will the boom in public cloud services open the doors to cyber criminals?
- Microsoft Patches 63 Vulnerabilities for IE/Edge, Exchange, Office ChakraCore & Flash
- Microsoft issues more Spectre Updates (Out-of-Band Update)
- Adobe Releases Critical Fixes for Flash Player
- Apple release updates to fix Security issues in iOS, macOS, Safari and various Apps
- Insecure default configuration still endangering SAP users after 13 years
- Intel Urges users to Delete Remote Keyboard App and halts Spectre fixes
- Juniper Patched Multiple Vulnerabilities
- Cisco Patches Vulnerability in WebEx
- Hackers using Flaw in Cisco Switches to Attack
- Drupal Releases Patch for a Code-Execution Bug Actively being Exploited
AWARENESS, EDUCATION AND THREAT INTELLIGENCE
- Russian State-sponsored Hackers Attacking network infrastructure says UK & US Govs
- UK Hit by ‘More Online Attacks than Ever Before’ according to NCSC
- NCSC warns CNI Supply Chain under Sustained Attack
- New Hacker Groups emerging in Asia and in the Middle East
- Orangeworm attacks X-Ray machines in campaign spanning UK, Europe, US
- Massive Phishing Campaign Targets Half a Billion Users in Q1 2018
- North Korea likely Culprit in Complex GhostSecret Cyber-Espionage Campaign
REPORTS
- The Cyber Threat to UK business 2017-2018 report by NCSC & NCA
- 2018 IBM X-Force Report: Financial services Industry most targeted with Malware
- NTT Security 2018 Global Threat Intelligence Report: Ransomware up 350%
- EEF Report: UK Manufacturers often outdated & Highly Vulnerable to Cyber Threats
*** This is a Security Bloggers Network syndicated blog from IT Security Expert Blog authored by Dave Whitelegg. Read the original post at: http://feedproxy.google.com/~r/securityexpert/~3/ZqGf0F6jz2Q/cyber-security-roundup-for-april-2018.html

