External Threat Summary for August 2018
Social Media Governance
Researcher discovers fraudsters can collect sensitive data from abandoned business domains.
Domain name abandonment attacks pose a significant cyber threat to the legal profession and other businesses
Operational Security (OPSEC) | Privacy
New policy bans deployed US military personnel from using GPS-enabled devices.
Effective immediately, Defense Department personnel are prohibited from using geolocation features and functionality on government and non-government issued devices, applications and services while in locations designated as operational areas.
Data Exposure | Dark Web
Document capture firm ABBYY inadvertently exposes large document storage database
ABBYY exposed its document storage database with more than 200K scanned contracts, memos, letters.
Online Fraud
Website scam pretending to provide US Green Card services.
Most online scams depend on two things for success: a broken or otherwise onerous process to deal with a legitimate entity, and a desperate target population.
Data Exposure
Babysitter App Sitter accidentally leaks MongoDB database online.
Sitter, “the No.1 app for managing babysitters”, inadvertently exposed its MongoDB instance to public.
Rogue Mobile Application
68 adware apps detected on Google Play.
68 fraudulent apps by five different developers that contain aggressive advertisements.
Data Leak
Voter information of more than 6 million people in Georgia left exposed.
Private researcher discovered the records of more than 6 million registered Georgia voters, password files and encryption keys could be accessed online by anyone looking.
Cyber Social Media Threat
Instagram accounts hacked to change contact information.
Social listening tools detecting Instagram users are reporting the same bizarre hack.
Data Exposure
TCM Bank customer data exposed online for more than a year.
A company that helps more than 750 small and community U.S. banks issue credit cards to their account holders, said a Web site misconfiguration exposed the names, addresses, dates of birth and Social Security numbers of thousands of people.
Don’t be the next news story. Contact us now to start protecting your organization from external threats.