UK Government exposes addresses of new year honours recipients
www.theguardian.com/uk-news/2019/dec/28/government-exposes-addresses-of-new-year-honours-recipients More than 1,000 celebrities, government employees and politicians recognized in the U.K.’s traditional New Year’s Honours list this year “have had their home and work addresses posted on a government website.”
IoT vendor Wyze confirms server leak
www.zdnet.com/article/iot-vendor-wyze-confirms-server-leak/ Wyze, a company that sells smart devices like security cameras, smart plugs, smart lightbulbs, and smart door locks, confirmed today a server leak that exposed the details of roughly 2.4 million customers.. The leak occurred after an internal database was accidentally exposed online, Wyze co-founder Dongsheng Song said in a forum post published over Christmas.
2019 Data Breaches: These were the biggest data breaches of the year
www.cnet.com/news/2019-data-breach-hall-of-shame-these-were-the-biggest-data-breaches-of-the-year/ The words “unsecured database” seemed to run on repeat through security journalism in 2019. Every month, another company was asking its customers to change their passwords and report any damage.
Top 10 Breaches and Leaky Server Screw Ups of 2019
threatpost.com/top-10-breaches-leaky-server-2019/151386/ 2019 was a banner year for data exposures, with billions of people affected by cloud misconfigurations, hacks and poor security practices in general. Heres the Threatpost Top 10 for data-breach news of the year, featuring all the low-lights.
The Uncommon Becomes Ordinary: 4 Trends That Defined Data Breaches in 2019
The iOS, Android security landscape in 2019
Biggest Malware Threats of 2019
threatpost.com/biggest-malware-threats-of-2019/151423/ 2019 was another banner year for bots, trojans, RATS and ransomware. Lets take a look back.
The Internet of Things (IoT) and security in 2019
www.zdnet.com/pictures/the-biggest-internet-of-things-smart-home-hacks-over-2019/ Attackers targeted everything from gas pumps to your smart TV this year.
Top Zero Days, Data Breaches and Security Stories of 2019: News Wrap
Reviewing our 2019 AppSec predictions: Supply chain attacks
blog.barracuda.com/2019/12/24/reviewing-our-2019-appsec-predictions-supply-chain-attacks/ At the start of the year, I made three predictions on attacks vectors that would become big problems over the year and beyond. This is the look at where the three are, now, at the end of the year.
Catalog of Supply Chain Compromises
github.com/cncf/sig-security/tree/master/supply-chain-security/compromises The goal is not to catalog every known supply chain attack, but rather to capture many examples of different kinds of attack, so that we can better understand the patterns and develop best practices and tools.
A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s
Start the Year Right with a Security and Privacy Check Up
www.tripwire.com/state-of-security/security-awareness/start-year-right-security-privacy-check-up/ Change passwords, enable multi-factor authentication, review security and privacy settings.
7 signs your cybersecurity is doomed to fail in 2020
Looking Ahead to 2020 Cybersecurity Trends and a New Decade
2020 Predictions: Mobile Security
Bringing Starchild Down to Earth: Soraka SDK
www.whiteops.com/blog/bringing-starchild-down-to-earth-soraka-sdk The White Ops Threat Intelligence team recently identified 100+ malicious apps, with more than 4.6 million downloads, performing ad fraud. All of the apps use a common code package White Ops has dubbed Soraka (com.android.sorakalibrary)