Daily Cybersecurity Roundup, September 22, 2020

Protecting database backups is as critical as safeguarding online data held by applications. In a recent incident, a provider of sports-related software, ArbiterSports, failed to do so and exposed a database backup containing more than 540,000 registered members in a security incident. In other news, Luxottica Group S.p.A. had to bring some of its websites offline in the aftermath of a cyberattack. Continue reading the key cybersecurity highlights from the past 24 hours.

01

Hackers pilfered a copy of backups from ArbiterSports containing personal information of more than 540,000 registered members—mostly sports referees, league members, and school representatives.

02

Luxottica Group S.p.A., the Italian eyewear and eyecare giant, disclosed a cyberattack that knocked some of its websites offline.

03

RansomEXX, a relatively new ransomware group, targeted a U.S-based laser company, IPG Photonics, in its recent attack that forced the company to shut down its IT systems worldwide.

04

Microsoft laid bare more than 13 billion records in 6.5TB of log files originating from the Bing search engine via an unsecured Elasticsearch server. As per reports, no personal user information was exposed.

05

Cybercriminals were found impersonating the Texas Department of State Health Services and emailing out fake requests for quotes (RFQs) to procure products worth hundreds of thousands of dollars.

06

Researchers uncovered a cyberattack campaign—by APT28 or Fancy Bear—that used fake NATO training course materials to target government agencies worldwide.

07

Victim count in the Blackbaud breach rose as more than 350,000 patients of Allina Health, Regions Hospital, and Gillette Children’s Specialty Healthcare received breach notification letters.

08

In a survey of 2,064 Google Cloud buckets by Comparitech, six percent of cloud buckets were found misconfigured and left open publicly for anyone to access.

09

Amidst rising security concerns around the U.S. presidential elections, the House of Representatives approved the Defending the Integrity of Voting Systems Act that makes hacking voting infrastructure a federal crime.

10

Avast uncovered a TikTok scam wherein a slew of TikTok profiles, with over 350,000 followers in total, helped generate $500,000 in profit only by promoting multiple fraudulent mobile apps.

Get the Daily Cybersecurity Roundup delivered to your email!