Data Security, Network Security

News in a Minute Weekly Roundup | Dec. 29

By Marcos Colon

Here’s a look at some of the top news stories that wrapped up 2017. Major items included a critical vulnerability patched by Mozilla, Nissan Canada announcing a data breach that impacted more than one million customers, and hackers targeting a zero-day vulnerability in Huawei home routers. 



Nissan
DATA BREACH

More Than One Million Customers Impacted in Nissan Canada Breach

Nissan Canada Finance has admitted that earlier in December it had experienced a data breach that impacted more than one million customers. According to the company, the “unauthorized access to personal information” has resulted in the compromised data of all current and former customers. Included in the data were customer names, addresses, vehicle makes and models, credit scores, and vehicle identification numbers.



Click here for full article.




 

IoT Standards

IoT

Taiwan Prepares to Establish IoT Security Standards

As devices continue to flood the enterprise and public sector at an alarming rate, Taiwan’s Ministry of Economic Affairs (MOEA) has announced that beginning in 2018 standards surrounding the security of IoT will be established. On December 25 MOEA issued the first set of infosec standards for network cameras, but now they’ll be mapping out similar protocols for network video recorders and other devices.

 

Click here for full article.

 

 

 

Facebook

PHISHING

Facebook Users Heavily Targeted by Hackers During Holiday Season

Attackers are setting up phony landing pages to lure Facebook users into sharing their login credentials for the popular social media platform. Researchers with Malwarebytes have detected the fake landing pages used as bait that leverages the “Login with Facebook” feature to compromise the credentials. Malwarebytes provided users with a list of URLs that they should avoid.



Click here for full article.

 

 


Thunderbird
PATCHES

Mozilla Issues Critical Security Update for Thunderbird

A critical security update issued by Mozilla addresses vulnerabilities impacting the popular open-source Thunderbird email client. Of the four vulnerabilities, two were rated high, one moderate, and the other low. The most serious fix addresses a critical buffer overflow flaw (CVE-2017-7845) which affects Thunderbird running on Windows operating systems.

Click here for full article.

 




 

EtherDelta

CRYPTOCURRENCY

EtherDelta Suspects Service Following Cyberattack

Malicious hackers gained access to the DNS servers of popular cryptocurrency exchange EtherDelta, causing service to be temporarily suspended last week. The company announced via Twitter that its server was compromised by attackers on December 20, just days before Bitcoin value experienced a massive drop. Attackers spoofed EtherDelta’s domain to trick users into sending money.

 

Click here for full article.



 

NKorea Attacks

GOVERNMENT

North Korea Demands U.S. to Prove WannaCry Ties

North Korean diplomats in charge of U.S. affairs are demanding that Washington provide evident that Pyongyang was behind this year’s WannaCry ransomware attack. Pyongyang sees the allegations as an effort to create an “extremely confrontational atmosphere.” In May, the WannaCry outbreak impacted hundreds of thousands of computers worldwide.

Click here for full article.

 

 

 

 

Ancestry BreachDATA BREACH

Ancestry.com Breach Leaks 300,000 Plaintext Accounts

U.S. genealogy company Ancestry.com has experienced a data breach impacting its RootsWeb online community. A total of 300,000 registered users have had their usernames, emails, and passwords compromised and leaked online in clear text format. Cybersecurity researcher Troy Hunt, founder of data breach notification website HaveIbeenPwned, discovered the leaked data.

 

Click here for full article.

 





CryptoMix Ransowmare
MALWARE

Security Researcher Discovers Variant of CryptoMix Ransomware

A new variant of the CryptoMix ransomware has been released by cybercriminals that include new features. Cybersecurity researcher Michael Gillespie, the main difference with the variant is the addition of the .tastylock extension to all encrypted files. While the ransom note still carries the same “_HELP_INSTRUCTION>TXT” name, the variant uses the [email protected] email so the victim can contact the attacker for payment information.


Click here for full article.

 

 

 

John McAfeeHACKING

John McAfee Claims Twitter Account Was Compromised

After messages promoting lesser-known cryptocurrencies appeared to come from John McAfee’s Twitter account, he claims his mobile phone was hacked. In an interview with the BBC, McAfee said: “the first indication that I had been hacked was turning on my cell phone and seeing the attached image.” The image provided to the news outlet featured a notification on his mobile device that read, “(SIM not provisioned MM#2).”


Click here for full article.

 

 

 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.