Human errors or negligence in the software development process can often lead to costly consequences for the organizations. In a recent incident, a cybercriminal breached into nearly 23,000 unsecured cloud databases and uploaded a ransomware note asking for $140 in bitcoins for restoring each database. In other news, the Evil Corp hacker group targeted over 30 U.S. newspaper websites, owned by the same parent group, in a massive ransomware attack. Read on to learn about the key highlights from the cybersecurity space in the past 24 hours.
01
A hacker wiped off 22,900 unsecured databases using MongoDB, an open-source document database for apps, and left ransom notes, threatening to disclose the matter to the GDPR authorities.
02
The Evil Corp hacker group targeted employees of more than 30 major U.S. newspaper websites — owned by the same company — in a ransomware attack via fake software update alerts.
03
CNY Works suffered a data breach, exposing the names and Social Security numbers of around 56,000 job hunters.
04
Facebook disclosed a privacy incident wherein it continued sharing user data with approximately 5,000 developers even after multiple apps reached its limit of being inactive for 90 days.
05
According to an IBM report, 56% of Indian organizations experienced a data breach that led to the theft of at least 1,000 records containing confidential customer or business data, in the past two years.
06
The Cybersecurity and Infrastructure Agency (CISA) warned federal agencies about backdoors, cryptominers, and ransomware threats that constituted more than 90% of the active signatures detected by EINSTEIN, the government's intrusion prevention system.
07
Researchers at Lookout found a connection between a years-long hacking and surveillance campaign by the Chinese APT15 hacker group and a large government defense contractor from the city of Xi'an, for snooping on a minority group in China.
08
Reportedly, the Sodinokibi ransomware gang is auctioning celebrity data with a starting price of $600,000 for each of three lots of data pertaining to basketball player, LeBron James, and pop stars, Mariah Carey and Nicki Minaj.
09
The U.S. Federal Reserve published guidance on how financial organizations in the country can mitigate synthetic identity payments fraud, one of the rapidly growing category of financial crime in the country.
10
The Italian Data Protection Authority imposed a nearly $675,000 fine on the banking institution, UniCredit, for exposing the personal data of over 700,000 customers in a breach that took place between April 2016 and July 2017.
