Cybercriminals have certainly upped their game in sniffing out unprotected databases. Recently, a leaky database at a digital design website has risked the sensitive details of its users. In other news, Acer disclosed a hacking incident that resulted in a leak of gigabytes of data. Moreover, researchers reported an ad-blocker that makes way for ads. On that note, let’s dive in for the top ten cybersecurity highlights from the past 24 hours.
01
Thingiverse, a platform for sharing user-created digital design files, exposed a 36GB MySQL database containing 228,000 unique email addresses and user PII.
02
Acer confirmed being hit by a security breach after hackers put over 60GB of company data, including customer details and login information, on sale on an infamous underground forum.
03
Hackers infiltrated the networks of Verizon-owned wireless carrier Visible and accessed customer accounts and changed pin and shipping addresses. The victim has urged users to change passwords.
04
Juniper Threat Labs spotted Necro botnet, aka FreakOut, targeting a flaw in Visual Tools DVR systems and deploying Monero miners on compromised systems.
05
Symantec Threat Hunter uncovered a new strain of ransomware, dubbed Yanluowang, targeting virtual machines in enterprises. Hackers further warned not to approach law enforcement for help.
06
Imperva stumbled across a browser extension called AllBlock that claims to block ads but also runs a background script—in every tab opened—to inject ads on Chrome or Opera.
07
The U.K's NCSC released updated guidance for employees using their personal devices for work. It encompasses the zero trust architectural approach and security challenges with BYOD.
08
According to a new report from Approov, APIs used in Fast Healthcare Interoperability and Resources (FHIR) apps are vulnerable to abuse, putting 4 million patient and clinician records at risk.
09
At-Bay, a cyber insurance company, secured $20 million in Series D extension funding from ION Crossover Partners, which joins other previous Series D investors.
10
Boston-based Black Kite, a third-party cyber risk rating firm, raised $22 million in Series B round led by Volition Capital, with participation from existing investors.
