Sophisticated hackers often exploit previously exposed personal data to conduct highly effective personalized phishing campaigns. Recently, OneClass, a Canadian online note sharing portal, laid bare one million students’ personal data in a publicly accessible cloud database that could put them at risk of targeted attacks. In other news, the Brazilian federal police busted a hacktivist group, Anonymous Brazil, that wanted to leak private information and intimidate thousands of government official including the President. With that said, let’s go through the top cybersecurity highlights from the weekend.
01
OneClass exposed more than 8.9 million records of around one million students via an unprotected cloud database. The records included students’ names, the schools they attended, their account details, and more.
02
An investigation by the Federal Police of Brazil unveiled the actions of hacktivists that leaked a database containing the data of over 20,000 government and military officials, including president Jair Bolsonaro, and attempted to blackmail them.
03
A hacker group compromised the websites of eight cities across three U.S. states in a card skimming attack campaign design to steal the payment information of citizens. All the affected websites are built on the Click2Gov platform.
04
A hacker group identified as "Korean Hackers" claimed to hack and pilfer the source code and other personal information from E27, an Asian media company. The attackers also demanded a donation to disclose the security flaws they exploited.
05
Maine Information and Analysis Center (MIAC) suffered a data breach that impacted its information sharing database for federal, state, and local law enforcement officials.
06
One of the broadcasting sites of the France Télévisions group was hit in a cyberattack. The attack did not impact its regular broadcasting, claimed the group.
07
Symantec researchers discovered the Evil Corp group's attacks on tens of corporations in the U.S. Though the adversaries managed to breach the networks, they were spotted before deploying the WastedLocker ransomware.
08
The mastermind behind Cardplanet, a “carding” website on the dark web responsible for $20 million in fraudulent purchases worldwide, has been sentenced nine years in federal jail. He mainly targeted U.S. citizens in his attacks.
09
Area 1 Security, an email security company, raised $25 million in growth funding led by ForgePoint Capital, along with existing investors including Kleiner Perkins, Icon Ventures, and Top Tier Capital.
10
Cybermerc, a threat sharing platform, secured $1.22 million under AustCyber funds to help develop Aushield Defend, a threat intelligence platform for the Australian industry, researchers, and academia.
