Global Cyber News Digest

Events

Cyber Insider Podcast

Press Room

Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • Flight Center leaks customer data in an incredibly stupid way

    • Flight Center has confirmed that a significant data breach that occurred in 2017 was the result of sensitive information being left in a database given to hackathon participants. The compromised data included credit card numbers and passport details.
    • Flight Center informed the relevant customers that their personal information had been compromised and conducted a post-incident review to assess the long-term business impact and follow-up risks.
    • Unsurprisingly, the hackathon remains the only one the company has run to date.
    - Barclay Ballard | December 7, 2020
    hak-iq.us20.list-manage.comDecember 7, 2020

  • Spread of Covid-19 gives rise to the 'cyber-demic'

    • While 2020 will be remembered primarily as the year in which normal, day-to-day life was brought to a screeching halt by the global spread of the coronavirus, it will also likely be remembered by some as an inflection point for cybersecurity standards and practices.
    - Joel Griffin | December 7, 2020
    hak-iq.us20.list-manage.comDecember 7, 2020

  • 'Date which will live in infamy': What to remember about Pearl Harbor, 79 years later

    • As you know, today is the 79th anniversary of the attack on Pearl Harbor.
    • Please take a moment to pause and reflect on the heroes that sacrificed their lives on that day in 1941.
    - Joshua Bote | December 7, 2020
    hak-iq.us20.list-manage.comDecember 7, 2020

  • Hackers leak data from Embraer, world's third-largest airplane maker

    • Brazilian company Embraer, considered today's third-largest airplane maker after Boeing and Airbus, was the victim of a ransomware attack last month.
    • Today, hackers involved in the intrusion have leaked some of the company's private files as revenge after the airplane maker refused to negotiate and instead chose to restore systems from backups without paying their ransom demand.
    • Data uploaded included samples of employee details, business contracts, photos of flight simulations, and source code.
    • Ransomware gangs use leak sites as a way to put pressure on victims. During negotiations, companies are told that if they don't pay the attacker's desired ransom demand, the attackers will leak data online as a form of punishment, so it can be downloaded by competitors, or that companies face regulatory punishments in their countries.
    - Catalin Cimpanu | December 7, 2020
    hak-iq.us20.list-manage.comDecember 7, 2020

  • Data breach: plugging a hole to save your company’s skin

    • The Covid-19 pandemic has not only seen us change our ways of working. Cybercriminals have adjusted the way they work, intensifying their focus on low-hanging fruit like the ‘quick fixes’ many organisations implemented to support employees working remotely.
    • In its delayed 2020 budget, the Federal Government announced a significant increase in spending for cyber security, with an additional $201.5 million to support its $1.7 billion 2020 Cyber Security Strategy. It also included $470 million to bolster Australia’s cyber security workforce on top of $1.4 billion for government security efforts.
    • Continuous monitoring is vitally important. Companies tend to record a lot of logs; what they don’t do so well is monitoring these logs and correlating multiple log sources to look for the right trends and indicators.
    • If you look at traditional security controls, they are very much focussed on preventative controls. There is usually a lot of talk about firewalls – and all those typical controls we hear about. But if you work on the premise that there will eventually be an attack, and it’s better to detect it early when you still have a chance to do something about it.
    - Ewan Ferguson | December 7, 2020
    hak-iq.us20.list-manage.comDecember 7, 2020

  • As Modern Mobile Enables Remote Work, It Also Demands Security

    • The coronavirus pandemic has completely upended the way we work, educate and socialize. Soon after the rapid onset of the virus, organizations were forced to fully adopt work-from-home and other remote models. Luckily, employees quickly proved they could be productive and successful without being directly connected to the corporate network.
    • Cybercriminals are taking advantage of social uncertainty and exploiting the fact that we rely more on mobile devices to stay productive.
    • With most of us working away from the office, each of us now represents a remote office that your organization needs to secure. Many organizations turned to VPNs when shifting to remote work, but that leaves a number of security gaps, including the fact that many of us don’t use VPNs when using our mobile devices.
    - Hank Schless | December 3, 2020
    hak-iq.us20.list-manage.comDecember 3, 2020

  • IBM uncovers global email attack on Covid vaccine supply chain

    • IBM cybersecurity analysts on Thursday said they uncovered an email phishing scheme targeting global coronavirus vaccine supply chains.
    • The fraudulent emails impersonated a Chinese business executive at a credible cold-chain supply company dating back to September.
    • IBM said “the purpose of this campaign may have been to harvest credentials to gain future unauthorized access.”
    • IBM said the attacks likely targeted organizations linked to Gavi, The Vaccine Alliance, which is working to supply low- and middle-income economies with an affordable coronavirus vaccine.
    - Noah Higgins-Dunn | December 3, 2020
    hak-iq.us20.list-manage.comDecember 3, 2020

  • Bank Employee Sells Personal Data of 200k Clients

    • The employee allegedly responsible for it was a credit analyst who had access to the group's risk-modeling processes. 
    • Data exposed as a result of the security incident included clients' ID numbers, addresses, contact details, and descriptions of vehicles that they had purchased on finance.
    • The incident at Absa follows the August theft of personal details belonging to 24 million South Africans and nearly 800,000 businesses from Experian in what was one of South Africa's largest ever data breaches.
    - Sarah Coble | December 3, 2020
    hak-iq.us20.list-manage.comDecember 3, 2020

  • ‘Long & Foster’ Suffered a Catastrophic Data Breach Incident

    • Real estate firm ‘Long & Foster’ confirmed that the August ransomware incident resulted in a data breach.
    • The exposed information includes full names, addresses, and “W-9” and “Form 1099” details.
    • There are potentially some high-profile individuals among the compromised clients.
    • Ransomware actors hit the company’s network on August 22, 2020, taking down the targeted systems, encrypting files, and locking access.
    • The firm immediately contacted cybersecurity experts to help them remedy the situation and informed the FBI of the incident.
    - Bill Toulas | December 2, 2020
    hak-iq.us20.list-manage.comDecember 2, 2020

  • Criminals to Favor Ransomware and BEC Over Breaches in 2021

    • Cyber-criminals are relying less on stolen personal information and more on “poor consumer behaviors” such as password reuse to monetize attacks.
    • “Cyber-criminals are focusing on cyber-attacks that require logins and passwords to get access to corporate networks for ransomware or Business Email Compromise (BEC) scams. These attacks require less effort, are largely automated, the risk of getting caught is less, and the payouts are much higher than taking over an individuals’ account."
    • The ITRC warned that pandemic-related identity crimes will continue well in 2021, as stolen identities are used to fraudulently claim unemployment benefit.
    - Phil Muncaster | December 2, 2020
    hak-iq.us20.list-manage.comDecember 2, 2020

451 A Street, Suite 500
San Diego, CA 92101

[email protected]

CONNECT WITH US

Linkedin Twitter

Cyber Center of Excellence is a San Diego-based nonprofit dedicated to growing the regional cyber economy and creating a more secure digital community for all.

JOIN US
Linkedin Twitter
Cyber Center of Excellence | Privacy Policy  |  Terms & Conditions
Linkedin Twitter
Privacy Policy  |  Terms & Conditions
© 2024 Cyber Center of Excellence