The target: SpiceJet, one of India’s largest privately owned airlines.
The take: Private information of more than 1.2 million passengers, including full names, phone numbers, email addresses, dates of birth and a month’s worth of flight information.
The attack vector: SpiceJet’s IT systems were cracked through a brute-force attack on an extremely weak password. Once the system was penetrated, an unencrypted database backup file was discovered containing the millions of readable records.
This breach highlights the importance of secure password practices, which should be applied at all levels across a firm. In addition, wherever personally identifiable information is concerned, extra care is advised, as its compromise can enable highly effective phishing campaigns and identity theft.
CBR: The UK’s cybersecurity sector is now estimated to be worth more than £8.3 billion, a significant rise of 46 percent from £5.7 billion in 2017, but a skills gap could be a major disrupter in the coming years.
Cision: ForgePoint Capital announced the promotion of Manoj "MJ" Ramachandran to Vice President and that Shane Shook, an expert in the field of cyber forensics, and former Cyxtera Technologies CIO Leoncio "Leo" Casusol have joined the firm as venture consultants.
ZDNet: Professional services firm PwC surveyed over 1,600 CEOs from around the world and found that cyberattacks have become the most feared threat for large organisations – and that many have taken actions around their personal use of technology to help protect against hackers.
ZDNet: In 2019, hackers have successfully breached 11 major cryptocurrency exchanges and have stolen more than $283 million worth of cryptocurrency, according to blockchain analysis firm Chainalysis.
SEC: The observations highlight certain approaches taken by market participants in the areas of governance and risk management, access rights and controls, data loss prevention, mobile security, incident response and resiliency, vendor management, and training and awareness.
NBC News: OurMine, a Saudi hacking account that promotes its own cybersecurity services, said it hacked a number of the league's accounts on its Twitter page. The first team to be exposed appeared to be the Chicago Bears.
Reuters: Sweeping cyberattacks targeting governments and other organizations in Europe and the Middle East are believed to be the work of hackers acting in the interests of the Turkish government, three senior Western security officials said.
The target: Microsoft
The take: 250 million Call Centre records which included full conversations between service agents and customers, as well as a portion of customer emails, internal notes and IP addresses.
The attack vector: Cloud databases across five different online servers were left unsecured, as a misconfigured security group left them exposed to the internet. These records could be used in extremely targeted and effective phishing campaigns against customers, impersonating Microsoft support agents and referencing internal case numbers and topics discussed.
This breach again shows that, where cloud technology is concerned, the effectiveness of an organization’s security relies on vigilant processes and validations, no matter the scale of the infrastructure or the pedigree of the firm.
Private Equity International: The increasing use of technology by private equity funds seems to have struck a chord with LPs, who disagree with their managers over how prepared the latter are for cyberattacks, according to the seventh annual EY Global Private Equity Survey.
**Access to article requires a subscription**
Reuters: Greece’s top administrative court has ruled in favor of extraditing to France a Russian man suspected of laundering billions of dollars in digital currency, a judicial official said.
Hedge Week: Drawbridge Partners, a cybersecurity software and services firm specialising in the needs of hedge fund and private equity managers, has appointed Lyons as Vice President of Business Development.
CNN: UN experts said they are "gravely concerned" by information they have received suggesting that a WhatsApp account belonging to Saudi Crown Prince Mohammed bin Salman was used to deliver spyware to the mobile phone of Amazon CEO Jeff Bezos.
The Guardian: Britain’s cyber-defences are being endangered by the outdated Computer Misuse Act, which prevents investigators from dealing effectively with online threats while over-punishing immature defendants, according to a legal report.
Mondovisione: The Dubai Financial Services Authority (DFSA) launched the first financial regulator-led Cyber Threat Intelligence Platform (Platform) in the region in collaboration with the Dubai Electronic Security Center (DESC), the National Computer Emergency Response Team for the UAE (aeCERT), the Computer Incident Response Center Luxembourg (CIRCL) and the Open Source Threat Intelligence and Sharing Platform Project (MISP).
Compliance Week: Last year, Equifax agreed to pay up to $700 million in a settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau, and a coalition of 50 attorneys general.
The target: LimeLeads, a San Francisco-based business-to-business leads generator.
The take: 49 million user records including: full name, title, user email, employer/company name, company address, company total revenue and estimated number of employees.
The attack vector: LimeLeads did not set up a password for the internal database, which was hosted on a publicly accessible server, meaning anyone with an internet connection was able to access the data and scrape a copy. The highly specific personal details in the data could lead to extremely effective spear-phishing campaigns targeting high-level individuals.
The security of systems intended for internal use is as critical as that of external-facing ones. Adopting stringent cybersecurity policies across all areas of access, whether internal or external, is crucial to maintaining the integrity, confidentiality and availability of data.
Reuters: McAfee LLC told Reuters it has hired Peter Leav, the former CEO of BMC Software, as its new CEO, replacing Chris Young, who created the cyber security company in its current form by carving it out of Intel Corp four years ago.
Cision: Skyview Capital, LLC ("Skyview") a global private investment firm, announced that it has acquired Fidelis Cybersecurity, Inc. ("Fidelis") from a consortium of investors. Terms were not disclosed.
ZDNet: Cyber incidents are considered the top risk to businesses globally, according to a survey of 2,718 executives across 100 countries, including CEOs, risk managers, brokers and insurance experts, with 39% listing this as their biggest worry.
BusinessWorld: We regularly hear and read about hacks, security breaches and similar cybersecurity incidents that expose vulnerabilities in corporate and government digital security systems.
IMF Blog: Last March, Operation Taiex led to the arrest of the gang leader behind the Carbanak and Cobalt malware attacks on over 100 financial institutions worldwide. This law enforcement operation included the Spanish national police, Europol, FBI, the Romanian, Moldovan, Belarusian, and Taiwanese authorities, as well as private cybersecurity companies. Investigators found out that hackers were operating in at least 15 countries.
IT World Canada: Five of the country’s biggest banks are offering cash prizes to post-secondary students and recent graduates for creating possible solutions to improve the cyber security responses of financial institutions.
The Times of Israel: There are 436 cybersecurity companies operating in Israel at various stages of development, a new report by IVC Research Center, which tracks Israel’s tech industry, shows.
The target: Cabarrus County, a district of North Carolina in the United States
The take: $1.7 million
The attack vector: A BEC, or Business Email Compromise. The attackers posed as one of the county’s contractors and requested their bank account be updated in time for the next payment. They spoofed legitimate documents including an electronic funds transfer form (EFT) and signed bank documentation. After receiving the bogus documents, Cabarrus County staff changed the vendor’s account to this new, fake one and continued with their scheduled payments.
This attack highlights the importance of security awareness campaigns that test and train employees’ abilities to spot and report suspicious emails. Additionally, controls should be in place wherever payments are processed to ensure that any requests to change payment instructions are reviewed and validated outside of the e-mail correspondence string.
Yahoo Finance: International crime fighting agency Interpol has taken action to stem a plague of cryptocurrency mining malware afflicting computer routers across Asia.
Mirror: Some of the UK's biggest high street banks have been hit by a cyber attack on Travelex - with Royal Bank of Scotland, HSBC and Barclays among those left with no online travel money services.
Law.com: The question gets asked quite frequently in regulatory circles: “Will the New York State Department of Financial Services bring an enforcement action under its cybersecurity regulation, and if so, when?” The probable answers are “yes” and “soon.”
Reuters: Insight Partners in April participated in a $65 million funding round for Armis that brought the company’s total funding to $112 million. That round was led by Sequoia Capital.
City A.M.: A British intelligence agency contacted the London Stock Exchange (LSE) in the past two months to request additional information about the outage on 16 August, the Wall Street Journal reported.
Computer Weekly: Ciaran Martin, CEO of the UK’s National Cyber Security Centre (NCSC), is to step down later in 2020 after nearly seven years in charge of the government’s cyber security efforts.
Department of Financial Services: There is currently a heightened risk of cyber attacks from hackers affiliated with the Iranian government. The Iranian government has vowed to retaliate against the United States for the death of Qassem Soleimani. Given Iranian capabilities and history, U.S. entities should prepare for the possibility of cyber attacks.
The target: Wyze, a Seattle-based smart home device maker.
The take: Email addresses, IP addresses, WiFi SSIDs and device information of 2.4 million customers.
The attack vector: During the deployment of a new database, a mistake by an employee removed all of the security protocols governing the system, thus exposing the information. In total, two exposed Elasticsearch databases and one MySQL production database were freely accessible and the attackers were then able to access and download the leaked information.
Deployment of new technology is a potentially critical point of vulnerability. Any changes intended for the production environment should be tested in a private staging environment and audited/tested wherever possible to avoid introducing gaps into a firm’s security posture.
Bitcoin.com: An investigation launched on the request of a French startup has led to the indictment of a 37-year-old entrepreneur accused of stealing 182 BTC from the company he cofounded. Embezzlement of money is one of the charges brought against him by the public prosecutor’s office in Paris.
The Wall Street Journal: The cybersecurity-vendor sector is set to trim some of its fat in 2020, venture-capital executives say, and companies that weave sophisticated technologies such as artificial intelligence into their products are the ones likely to succeed.
Finance Feeds: Travelex Ltd confirmed that a software virus was discovered on New Year’s Eve which compromised some of its online services. Travelex has taken all its systems offline as a precautionary measure and is currently providing foreign exchange services on a manual basis.
The Wall Street Journal: In one of the largest-ever corporate espionage efforts, cyberattackers alleged to be working for China’s intelligence services stole volumes of intellectual property, security clearance details and other records...
**Access to article may require a subscription**
The National: The Dubai Financial Services Authority (DFSA) is planning to roll out a platform to help companies in the Dubai International Financial Centre implement appropriate safeguards to mitigate cyber risks.
JDSUPRA: The Financial Conduct Authority (FCA) aims to guide regulated firms on its expectations of their cyber resiliency. In 2018, the FCA warned regulated firms of the risks of outdated IT systems and the lack of effective cyber controls as a key area of vulnerability in an environment where it said that the threat level for cyber-attacks is “remarkable.”
AP News: The U.N. General Assembly approved a resolution Friday that will start the process of drafting a new international treaty to combat cybercrime over objections from the European Union, the United States and other countries.