Blogs > Corporate > Would you like a breach with that shake? - This week in cybersecurity

Would you like a breach with that shake? - This week in cybersecurity

Too busy working to keep up with cybersecurity news this week? Here’s a round-up of the top stories from the cyberscape.

By: Anthony Gil

Retefe Trojan just Got More Powerful by Adding the WannaCry Trick to its Arsenal

The Retefe trojan banking malware campaign has returned and is now leveraging EternalBlue -- the leaked NSA surveillance exploit -- to target Swiss financial institutions. Read more. 

Apple OS High Sierra Reportedly Has a Password Problem

There's a vulnerability in High Sierra and earlier versions of macOS that allows rogue applications to steal plaintext passwords stored in the Mac keychain, a security researcher said Monday, the same day the widely anticipated update was released. Read more.

SEC hackers accessed authentic data used by companies in tests

Hackers breached the U.S. Securities and Exchange Commission’s computer system last year by taking advantage of companies that used authentic financial data when they were testing the agency’s corporate filing system, according to sources familiar with the matter. The sources spoke anonymously because it is not a public investigation. Read more.

Breach at Sonic Drive-In May Have Impacted Millions of Credit, Debit Cards

In a story broken by KrebsOnSecurity, Sonic Drive-In, a fast-food chain with nearly 3,600 locations across 45 U.S. states, has acknowledged a breach affecting an unknown number of store payment systems. The ongoing breach may have led to a fire sale of millions of stolen credit and debit card accounts that are now being peddled in shadowy underground cybercrime stores. Read more.

Signal Update Keeps Users’ Address Book Secret

Open Whisper Systems, the non-profit behind Signal, is launching an experimental new method that will prevent users from needing to share their contact lists with Signal while still letting them use their existing address books to make encrypted calls and send encrypted texts. Signal's creators, like the developers of so many other social apps, have long considered that contact-sharing request a necessary evil, designed to make the app as easy to use as your normal calling and texting features. Read more. 

Internet Explorer bug leaks whatever you type in the address bar

Security researcher Manuel Caballero disclosed a bug in Internet Explorer that leaks any text typed into the search bar to the current website in the user’s browser. The technique can expose sensitive information a user didn't intend to be viewed by remote websites, including the Web address the user is about to visit. Read more.

Researchers find 7 percent of all Amazon S3 servers exposed

A recent study by SkyHigh Networks found 7 percent of all Amazon S3 servers are exposed to the public which may explain a recent surge of data leaks in the last few months including the information on 198 million American voters, 14 million Verizon customers, and several Viacom networks to name a few. Read more.




Suggested Blogs