External Threat Summary for November 2018

 

Data Breach

500 Million Guests Personal & Financial Data Stolen in 4-Year Breach

Marriott discloses a massive data breach exposing the personal and financial information on half billion customers who made reservations at any of its Starwood properties over the past four years.

Read More


Social Media Imposter | Bitcoin Fraud

Google, U.S. and Israeli politician Twitter accounts hijacked to promote ‘Elon Musk’ Bitcoin scam.

After compromising the Twitter accounts of Target along with several other high profile and verified accounts and impersonating Elon Musk all to promote Bitcoin giveaway scams, cybercriminals have now set their sights on Google.

Read More


Social Media Account Takeover

How Hackers Are Stealing High-Profile Instagram Accounts.

In the Wild West of “influencer” marketing, there are few protections and plenty of easy marks.

Read More


Brand Protection

Law enforcement in EU shuts down over 30,000 counterfeit sites

As part of an international operation, Europol’s Intellectual Property Crime Coordinated Coalition (IPC3) has seized 33.654 domain names distributing counterfeit and pirated items online.

Read More


Data Leak

Amazon customers’ names and email addresses disclosed by website error.

Amazon has not disclosed key details, including where breach happened and for how long.

Read More


Phishing

Health First Florida phishing attack may have compromised 42,000 patients.

Health First, a nonprofit community health system comprising four hospitals in Brevard County, Fla., is notifying 42,000 patients to a potential compromise of their personal information,Florida Today reports.

Read More


Physical Social Media Threat

Teen Arrested for Making Social Media Threats to Fallbrook HS.

Deputies announced the arrest of a Fallbrook High School student suspected of making a shooting threat toward the school on social media.

Read More


Rouge Mobile Application

Fake Banking App Found on Google Play Used in SMiShing Scheme.

Movil Secure is a fake banking app pretending to be a mobile token service. Its developers evidently put in the effort to trick users into thinking it is legitimate, with professional-looking branding and a sophisticated user interface.

Read More


Social Media Account Takeover

Attackers target Iranian users of Instagram and Telegram.

State-sponsored actors have a number of different techniques at their disposal to remotely gain access to social media and secure messaging applications.

Read More


Privacy Risk

News apps and apps for children found to contain largest amount of third-party trackers.

Third party tracking allows companies to identify users and track their behavior across multiple digital services.

Read More


Cyber Social Media Threat

Twitter deletes 10,000 bot accounts discouraging people from voting in US midterms.

Twitter deleted more than 10,000 automated accounts posting messages that discouraged people from voting in Tuesday’s U.S. election and wrongly appeared to be from Democrats, after the party flagged the misleading tweets to the social media company.

Read More


Data Leak | Extortion | Data Exploitation

Spammers harvest email addresses and passwords from a publicly available data breach, and then use this data to facilitate sextortion attacks.

Attackers are increasingly spreading sextortion-type attacks across the internet.

Read More


Don’t be the next news story. Contact us now to start protecting your organization from external threats.