Categories
NCSC-FI News followup

Daily NCSC-FI news followup 2019-12-29

UK Government exposes addresses of new year honours recipients

www.theguardian.com/uk-news/2019/dec/28/government-exposes-addresses-of-new-year-honours-recipients More than 1,000 celebrities, government employees and politicians recognized in the U.K.’s traditional New Year’s Honours list this year “have had their home and work addresses posted on a government website.”

IoT vendor Wyze confirms server leak

www.zdnet.com/article/iot-vendor-wyze-confirms-server-leak/ Wyze, a company that sells smart devices like security cameras, smart plugs, smart lightbulbs, and smart door locks, confirmed today a server leak that exposed the details of roughly 2.4 million customers.. The leak occurred after an internal database was accidentally exposed online, Wyze co-founder Dongsheng Song said in a forum post published over Christmas.

2019 Data Breaches: These were the biggest data breaches of the year

www.cnet.com/news/2019-data-breach-hall-of-shame-these-were-the-biggest-data-breaches-of-the-year/ The words “unsecured database” seemed to run on repeat through security journalism in 2019. Every month, another company was asking its customers to change their passwords and report any damage.

Top 10 Breaches and Leaky Server Screw Ups of 2019

threatpost.com/top-10-breaches-leaky-server-2019/151386/ 2019 was a banner year for data exposures, with billions of people affected by cloud misconfigurations, hacks and poor security practices in general. Heres the Threatpost Top 10 for data-breach news of the year, featuring all the low-lights.

The Uncommon Becomes Ordinary: 4 Trends That Defined Data Breaches in 2019

securityintelligence.com/articles/the-uncommon-becomes-ordinary-4-trends-that-defined-data-breaches-in-2019/

The iOS, Android security landscape in 2019

www.zdnet.com/pictures/these-are-the-ios-android-malware-families-most-likely-to-hit-your-handset-in-2019/

Biggest Malware Threats of 2019

threatpost.com/biggest-malware-threats-of-2019/151423/ 2019 was another banner year for bots, trojans, RATS and ransomware. Lets take a look back.

The Internet of Things (IoT) and security in 2019

www.zdnet.com/pictures/the-biggest-internet-of-things-smart-home-hacks-over-2019/ Attackers targeted everything from gas pumps to your smart TV this year.

Top Zero Days, Data Breaches and Security Stories of 2019: News Wrap

threatpost.com/top-zero-days-data-breaches-and-security-stories-of-2019-news-wrap/151340/

Reviewing our 2019 AppSec predictions: Supply chain attacks

blog.barracuda.com/2019/12/24/reviewing-our-2019-appsec-predictions-supply-chain-attacks/ At the start of the year, I made three predictions on attacks vectors that would become big problems over the year and beyond. This is the look at where the three are, now, at the end of the year.

Catalog of Supply Chain Compromises

github.com/cncf/sig-security/tree/master/supply-chain-security/compromises The goal is not to catalog every known supply chain attack, but rather to capture many examples of different kinds of attack, so that we can better understand the patterns and develop best practices and tools.

A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s

blog.malwarebytes.com/awareness/2019/12/a-decade-in-cybersecurity-fails-top-breaches-threats-of-2010s/

Start the Year Right with a Security and Privacy Check Up

www.tripwire.com/state-of-security/security-awareness/start-year-right-security-privacy-check-up/ Change passwords, enable multi-factor authentication, review security and privacy settings.

7 signs your cybersecurity is doomed to fail in 2020

www.helpnetsecurity.com/2019/12/20/cybersecurity-fail-2020/

Looking Ahead to 2020 Cybersecurity Trends and a New Decade

securityintelligence.com/articles/looking-ahead-to-2020-cybersecurity-trends-and-a-new-decade/

2020 Predictions: Mobile Security

www.scmagazine.com/home/security-news/mobile-security/2020-predictions-mobile-security/

Bringing Starchild Down to Earth: Soraka SDK

www.whiteops.com/blog/bringing-starchild-down-to-earth-soraka-sdk The White Ops Threat Intelligence team recently identified 100+ malicious apps, with more than 4.6 million downloads, performing ad fraud. All of the apps use a common code package White Ops has dubbed Soraka (com.android.sorakalibrary)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.