Weekly InfoSec Roundup 10/13/17

Welcome to a weekly round-up of the most relevant and interesting happenings and events from across the Information Security industry.

High-profile breaches, interesting studies, patch tuesday announcements and more!

 

  • More Businesses Accidentally Exposing Cloud Services
  • “53% of businesses using cloud storage services unintentionally expose them to the public. More than half of organizations using cloud services like Amazon Simple Storage Service (S3) have inadvertently exposed at least one of these services to the public, up from 40% earlier this year.”

    Read More

     

  • Research Reports Stolen in Forrester Website Hack
  • “Forrester, one of the world’s most influential market research and advisory firms, informed customers late on Friday that its main website had been breached.”

    Read More

     

  • Microsoft Office 0-day headlines Patch Tuesday, update now!
  • “The second Tuesday of the month means it’s Microsoft’s formerly-known-as Patch Tuesday, currently-known-as Security Update Tuesday, and this month’s update patches 61 vulnerabilities in all, with 23 rated as Critical and 35 as Important. We always urge that you apply patches as soon as possible, but if that’s not convincing enough, read the details below of what’s out there in the wild.”

    Read More

     

  • Ransomware Sales on the Dark Web Spike 2,502% in 2017
  • “Ransomware is a $6.2 million industry, based on sales generated from a network of more than 6,300 Dark Web marketplaces that sell over 45,000 products, according to a report released Wednesday by Carbon Black.”

    Read More

     

  • Hacked Equifax Website Redirects Users to Adware, Scams
  • “A security researcher noticed recently that an Equifax service designed for obtaining free and discounted credit reports had been redirecting users to websites set up to serve adware and scams.”

    Read More

     

  • Flaws in SmartVista Payment Platform Expose Sensitive Data
  • “The SmartVista platform is used by major organizations around the world for online banking, e-commerce, ATM and card management, and fraud prevention. The core components of the SmartVista suite are the Front-End and Back-Office systems.”

    Read More

     

  • Data Sample in Equifax Hack Scam Possibly From Third-Party Servers
  • “A data sample provided last month by scammers trying to make a profit by claiming to have breached U.S. credit reporting agency Equifax may have been obtained from unprotected Amazon Web Services (AWS) instances owned by a different company.”

    Read More

     

  • Hyatt Hotels Hit by Another Card Breach
  • “Chicago-based hotel operator Hyatt Hotels Corporation informed customers this week that their credit card information may have been stolen by cybercriminals. This is the second data breach discovered by the company within a period of two years.”

    Read More

 

Stay updated with our blog posts

Enter your email address and you'll be notified about our new posts

  • This field is for validation purposes and should be left unchanged.
© 2019 BRINQA | Legal | Terms