Tuesday, March 3, 2020

How hackers breach unlocked cloud server databases - The Washington Post

When Wyze Labs announced late last year that data on 2.4 million users of its smart home security camera had been stolen, the hack was the result of an employee's essentially leaving the door to its database unlocked.

The Seattle-based company, started by two Chinese nationals three years ago, has mushroomed in popularity since it launched a cheaper alternative to consumer-grade security cameras sold by Ring, Nest and others. To help manage that growth, co-founder Dongsheng Song wrote on the company's website, Wyze put customer data into a new database. Protections for this data were mistakenly removed by a Wyze employee in China, allowing the hack.

Publisher: Washington Post
Date: 2020-03-02T18:40:02.833Z
Twitter: @WashingtonPost
Reference: (Read more) Visit Source



In case you are keeping track:

Hackers filed a record number of bug reports to the Pentagon in 2019

The Pentagon unveiled that last year it received more vulnerability disclosure reports from ethical hackers than ever.

The Defense Department's Cyber Crime Center (DC3) released numbers from its Vulnerability Disclosure Program, showing the agency processed 4,013 vulnerability reports, 2,836 of which led to mitigation activities. According to a statement, 8% of all submissions were labelled as critical or high severity, CyberScoop reports .

* * *

"It was our busiest year to date with a staggering 21.7% increase of submitted reports from 2017," the report reads.

logo
Publisher: The Next Web
Date: 2020-03-03T11:19:00 01:00
Author: http www facebook com thenextweb
Twitter: @thenextweb
Reference: (Read more) Visit Source



CIA Hackers Accused Of 11-Year Attack In New Chinese Cyber Report: This Is What's Behind It

"It is worth noting," the report says, "that the attacked information technology sectors of civil aviation by the CIA are not only in China, but also involves hundreds of commercial airlines [in other] nation states."

This is is a report heavy on speculation and inferences from already public data, and lacking in detailed attribution. What's more interesting is that the company has elected to do this now in the public domain. We can now likely expect further Chinese exposure of alleged U.S. exploits, the potential for individuals to be identified, and a further shift of this cyber tit-for-tat into the public domain.

Publisher: Forbes
Author: Zak Doffman
Twitter: @forbes
Reference: (Read more) Visit Source



Bloomberg - Are you a robot?
Reference: (Read more) Visit Source



While you're here, how about this:

US charges two Chinese nationals for laundering cryptocurrency for North Korean hackers | ZDNet

The US Treasury Department and the Department of Justice have imposed sanctions and indicted today two Chinese nationals on accusations of helping North Korean hackers launder cryptocurrency stolen during hacks of two cryptocurrency exchanges. The Department of Justice followed suite with

According to US officials, Tian Yinyin ( 田寅寅) and Li Jiadong (李家东) acted as intermediaries and money mules for Lazarus Group, a codename used by the cyber-security industry to describe hackers working on behalf of the North Korean government.

Publisher: ZDNet
Author: Catalin Cimpanu
Twitter: @ZDNet
Reference: (Read more) Visit Source



8 Popular WordPress Plugins Are Currently Being Exploited By Hackers - Search Engine Journal

A new report reveals an increased number of attacks against WordPress sites, all of which exploit security flaws in popular plugins.

Many of the attacks against WordPress sites last month involve hackers trying to hijack sites by targeting recently-patched plugin bugs.

In other cases, attackers were able to uncover zero-day exploits in different plugins. That refers to vulnerabilities which are unknown to the plugin developer, which means there may be no patch available.

logo
Publisher: Search Engine Journal
Date: 2020-03-02T19:58:46 00:00
Twitter: @sejournal
Reference: (Read more) Visit Source



How To Protect Your Baby Monitor From Hackers In Three Simple Steps

For any IoT device—smart cameras and baby monitors included—there are three pieces of advice that trump all others.

Ensure that option to enable automatic firmware updates is selected. If there is no such option, then make sure you check for updates regularly. I'd say weekly, but that's overkill. You should do this at least once a month.

NCSC also advises owners of cameras to consider whether they need the option to view the feeds from outside the house. That's good advice, but, let's be honest, that's half the value in the device. So, realistically, just make sure you keep the device secure and locked down and then remote viewing will be fine. What you can do, though, is consider whether a baby monitor needs outside access. These are usually viewed from inside the house. Unless you want to check on the babysitter, of course.

Publisher: Forbes
Date: 2020-03-03
Author: Zak Doffman
Twitter: @forbes
Reference: (Read more) Visit Source



Hackers know when you open that email and how to use it against you

Why has pixel-tracking become the new trend in cybercrime? Because we have become too smart for regular con artists and phishing spam. Plus, we have tools now to stop spam. Since pixel-tracking is still unfamiliar to many users, let me start with how it works before getting into what to do about it.

This kind of tracking is legal, despite the fact that most consumers have never heard of it. As if collecting your info for marketing purposes without your consent is not bad enough, pixel-tracking can also serve as a valuable kind of surveillance for cybercriminals, too.

Publisher: The Spectrum & Daily News
Twitter: @SpectrumNews
Reference: (Read more) Visit Source



No comments:

Post a Comment