External Threat Summary for September 2018

 

Data Leak | Data Breach

Education Company Chegg Acknowledges Data Breach, Puts 40 Million Users on Notice.

An unauthorized party gained access to a Company database that hosts user data for chegg.com and certain of the Company’s family of brands such as EasyBib.

Read More


Data Leak

United Nations inadvertently exposes passwords and sensitive information.

The UN accidentally published passwords, internal documents, and technical details about websites when it misconfigured popular project management service Trello, issue tracking app Jira, and office suite Google Docs.

Read More


Data Leak

Twitter alerts users that private tweets may have been shared with Twitter developers.

In an alert on Twitter, the social network is alerting users that for over a year, their direct messages and private tweets may have been sent to Twitter developers by mistake.

Read More


Data Leak | Dark Web

Personal data of Bengaluru citizens leaked on the Dark Web.

Hidden away in a folder – on one of the thousands of anonymous websites that constitute the Dark net – are the names, phone numbers, addresses, passport numbers and dates of birth of over 350 Bengaluru citizens.

Read More


Data Breach | Dark Web

Access to 3,000 breached websites sold on MagBo underground forum.

Access to approximately 3,000 breached websites has been discovered for sale on a Russian-speaking underground marketplace called MagBo.

Read More


Rouge Mobile Application

Several fake finance apps discovered on Google Play.

Cybercrooks use bogus apps to phish six online banks and a cryptocurrency exchange.

Read More


Cyber Social Media Threat

CBD oil spam campaign found on Twitter.

A low level spam campaign is working its way through Twitter, with just under 2,000 posts visible on public search.

Read More


Dark Web

Hackers selling stolen air miles from Emirates Skywards, British Airways, SkyMiles on the Dark Web.

There’s a black market for your frequent flyer miles. Stolen frequent flyer accounts and rewards points are a hot commodity on the Dark Net.

Read More


Data Breach

42 million emails and passwords posted on public hosting service Kayo.moe

A huge database with email addresses, passwords in clear text, and partial credit card data has been uploaded to a free, public hosting service.

Read More


Fraud and Scams | Reputation Risk

Microsoft TechNet portal pages flooded with tech support scams.

3,000 TechNet pages flooded with tech support scams pushing shady phone numbers for cryptocurrency exchanges and social media platforms.

Read More


Social Media Account Takeover

Bollywood actor’s social media accounts hacked by Turkish cyber group.

Eleven minutes after publishing a controversial post, actor’s Instagram and Twitter accounts were hacked.

Read More


Physical Social Media Threat

Teenager who caused 400 evacuations pleads guilty to email bomb hoax campaign.

Hertfordshire teenager has admitted emailing bomb threats to thousands of schools and disrupting a flight to San Francisco over the past few months.

Read More


Data Exposure

Misconfigured websites with .git directory expose source code directories.

If you use git to deploy your site, you shouldn’t leave the .git folder in a publicly accessible part of the site.

Read More


Rouge Mobile Application

130 fraudulent applications detected on Google Play.

Dozens of malicious applications on Google Play designed to generate illegal revenue.

Read More

 

Don’t be the next news story. Contact us now to start protecting your organization from external threats.