Daily Cybersecurity Roundup, September 15, 2020

Deeply personal data and granular details about individuals scattered across the internet is ripe for exploitation by malicious actors. In the same vein, a university professor unearthed a database pertaining to a Chinese firm withholding information of 2.4 million influential people. Meanwhile, a flaw was found in the Democratic presidential candidate Joe Biden’s official campaign app exposing millions of voters’ data. Without further ado, let’s read the top cybersecurity roundup from the past 24 hours.


An academic at the Fulbright University Vietnam found data of 2.4 million key individuals, including politicians, media personnel, academics and others, in an online database that was allegedly compiled by Shenzhen Zhenhua, a Chinese firm.


A privacy bug in Joe Biden’s official campaign app was found exposing sensitive voter information of millions of Americans.


The Department of Veterans Affairs (VA) affected the personal data of 46,000 veterans, including social security numbers (SSNs), after an unauthorized user gained privileged access to the online app of VA's Financial Services Center.


Public Health Wales, an NHS Trust, inadvertently published personal details of more than 18,000 residents, who tested positive for coronavirus, on a public server.


The U.K’s NCSC unveiled Vulnerability Disclosure Toolkit, a guideline for the implementation of a vulnerability disclosure process in a bid to encourage responsible bug reporting.


The U.S. General Services Administration’s (GSA) 18F digital services unit revealed a field guide about cyber strategy development to assist federal agencies in cyber-risk mitigation techniques on their network.


The CISA released a new advisory warning against a wave of cyberattacks by Chinese nation-state actors targeting U.S. government agencies and businesses.


According to a TrendMicro report, 39% of workers use personal devices to access corporate data and 52% of remote workers have IoT devices connected to their home network.


Devo Technology, an SIEM provider, secured $60 million in Series D round led by Georgian, with participation from Bessemer Venture Partners and existing investor Insight Partners.


Sternum, an IoT cybersecurity startup, raised $6.5 million in Series A round led by Square Peg and joined by existing investors Merle Hinrich, Eyal Shavit, and Udi Mokady.

Get the Daily Cybersecurity Roundup delivered to your email!