Often times, existing security loopholes and unprotected servers give bad actors access to personal data without even having to break in. Recently, security researchers found an unprotected server that leaked over 200 million detailed user records from the US. In a similar leak, a UK-based security firm exposed its database containing 5 billion records sourced from previous breaches, via an unsecured server. Now, let’s glance through the top 10 cybersecurity highlights for the day.
01
Security researchers found an unsecured database on a publicly accessible server of a firm leaking more than 200 million detailed records on people from the United States.
02
A UK-based security firm accidentally exposed its database containing over 5 billion records sourced from security breaches dating from 2012 to 2019. The data included extensive information on the breaches, including domain, source, email addresses, and passwords.
03
Weibo, a Chinese microblogging platform, revealed that the user records of 538 million people, including user IDs, number of followers, geographic location, and more, was leaked in a major data breach. This data was put up for sale on the dark web by hackers.
04
The electronic systems of the Bluffton Township Fire District of South Carolina were affected by a cyberattack during a declared emergency. The incident impacted documentation processes and internal communication on the administrative side.
05
Vijay Sales, an Indian firm, was targeted by a notorious threat actor who uploaded the company’s customer database on a popular dark web hacker forum.
06
Security professionals from numerous organizations have begun volunteering to help healthcare organizations defend against malicious attack campaigns leveraging the ongoing COVID-19 pandemic.
07
The non-partisan non-profit US CyberDome has established the “PC-ISAO”—the first-ever political campaign information sharing and analysis organization to share information regarding cyber threats with political campaigns in the United States.
08
The Sodinokibi Ransomware operators published more than 12GB of stolen data, allegedly belonging to a firm named Brooks International for not paying the ransom.
09
The National Institute for Standards and Technology (NIST) published the draft version of SP 800-53 (revision 5): Security and Privacy Controls for Information Systems and Organizations. This is the first revision of the publication in seven years which focuses on the transformation of the security landscape over the last few years.
10
Security experts exposed an ongoing phishing campaign actively spreading malware payloads through emails impersonating the Director-General of the World Health Organization (WHO).
