Cyber Security Roundup for August 2019
Twitter boss, Jack Doresy, had his Twitter account was hacked at the end of August, with hackers using his account to send a stream of offensive messages to his 4.2 million followers. It appears Jack was using his mobile phone to provide multi-factor authentication access to his Twitter account, a good solid security practice to adopt, however, it appears his Twitter account password and his mobile phone SMS service were both compromised, the latter probably due to either sim card swap fraud social engineering by the hacker, or by an insider at his mobile network service provider.
It was another bumper ‘Patch Tuesday’, with Microsoft releasing security updates for 93 security vulnerabilities, including 31 which are ‘critical’ rated in Windows, Server 2019, IE, Office, SharePoint and Chakra Core.
NEWS
- Cybersecurity Firm Imperva Discloses Breach
- Eurofins Scientific Cyber-attack leads to a backlog of 20,000 UK Forensic Samples
- Serious Cyber Attack could trigger full NATO response, says Jens Stoltenberg
- TfL takes the Oyster system offline after Customer Accounts accessed
- TGI Fridays frantically warn customers to urgently change app passwords
- French ‘Cybercops’ dismantle Pirate Computer Network
- Twitter boss Jack Dorsey’s account hacked sending out a stream of offensive messages
- BioStar 2 Database Leaked One Million Fingerprints and Facial Recognition Data
- Capital One accused ‘breached 30 other organisations’
- A Researcher uses GDPR’s Right of Access to steal others’ personal information
- 700,000 Choice Hotels Customer Records Compromised
- Honda Motors Company databases leaked 40GB of employee data
- North Korea took $2 billion in Cyberattacks to fund weapons program according to a U.N. report
- Pearson Data Breach Impacts thousands of University Accounts
- Google finds ‘indiscriminate iPhone attack lasting years’
VULNERABILITIES AND SECURITY UPDATES
- Microsoft Patches 93 Vulnerabilities, including 31 Critical for Windows, Server2019, IE, Office, SharePoint & ChakraCore
- BlueKeep-like RCE flaws in RDP among 93 Vulnerabilities Patched by Microsoft
- Adobe Releases Fixes at least 76 ‘important’ Vulnerabilities in Acrobat and Acrobat Reader
- Intel Rolls Out Security Updates for Seven Products lines, three rated as High
- Critical Patches released for Adobe Photoshop
- Cisco issues multiple product updates, fixes critical flaws in small business switches
HUAWEI NEWS AND THREAT INTELLIGENCE
- U.S. renews temporary license allowing companies to sell to Huawei, adds 45 to blacklist
- Huawei confident UK will resist ‘politically motivated’ pressure from US over 5G
AWARENESS, EDUCATION AND THREAT INTELLIGENCE
- MegaCortex variant redesigned a self-executing, incorporates features of the previous version
- Record Future Research: Hacktivism activity and chatter has markedly dropped since 2016
- Exabeam Survey: Red/Blue team exercises show defensive Shortfalls
- Risk-Based Security 2019 MidYear QuickView Data Breach Report: 4 Billion Records Exposed
- Cloud Atlas Threat Group Updates Weaponry with Polymorphic Malware
- New Saefko Trojan focuses on Stealing Credit Card details and Crypto wallets
- LokiBot Malware now hides its source code in Image Files
*** This is a Security Bloggers Network syndicated blog from IT Security Expert Blog authored by SecurityExpert. Read the original post at: http://feedproxy.google.com/~r/securityexpert/~3/pWzl_MCT5cs/cyber-security-roundup-for-august-2019.html