First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Brian Krebs

https://krebsonsecurity.com/2019/05/first-american-financial-corp-leaked-hundreds-of-millions-of-title-insurance-records/

Excerpt:

“The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available without authentication to anyone with a Web browser.”


Android Users Being Spammed Using Fake Missed Call Alerts

Ionut Ilascu

https://www.bleepingcomputer.com/news/security/android-users-being-spammed-using-fake-missed-call-alerts/

Excerpt:

“Scammers are abusing the Notifications and Push APIs and Google Chrome on Android devices to push spam alerts customized to look like a missed phone call.”


Employees are aware of USB drive security risks, but don’t follow best practices

https://www.helpnetsecurity.com/2019/05/15/usb-drive-security-risks/

Excerpt:

“Employees are aware of the risks associated with inadequate USB drive security – yet their employers aren’t mandating following best practices, according to a report by Apricorn.”


Hackers access data from more than 460,000 accounts at Uniqlo’s online store

Eustance Huang

https://www.cnbc.com/2019/05/14/japans-uniqlo-says-hackers-access-data-from-460000-online-accounts.html

Excerpt:

“Fast Retailing, the Japanese company behind the Uniqlo retail chain, announced Monday that the data of more than 460,000 customers on its online shopping sites were accessed by hackers from April 23 to May 10.”


Cybersecurity skills shortage still the root cause of rising security incidents

https://www.helpnetsecurity.com/2019/05/14/cybersecurity-skills-shortage-causes-security-incidents/

Excerpt:

“The cybersecurity skills shortage is worsening for the third year in a row and has impacted nearly three quarters (74 percent) of organizations, as revealed in the third annual global study of cybersecurity professionals by the Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG).”


Healthcare IT pros now confident in their cyber attack response ability

https://www.helpnetsecurity.com/2019/05/10/healthcare-cyberattack-response-ability/

Excerpt:

“Almost two years since the ransomware attack that brought the NHS (National Health Service) to a halt, healthcare IT professionals feel more confident in their ability to respond to a cyber-attack, according to new research from Infoblox.”


Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites

Swati Khandelwal

https://thehackernews.com/2019/05/magento-credit-card-hacking.html

Excerpt:

“Researchers from Chinese cybersecurity firm Qihoo 360's NetLab have revealed details of an ongoing credit card hacking campaign that is currently stealing payment card information of customers visiting more than 105 e-commerce websites.”


The IoT threat landscape is expanding rapidly, yet few companies are addressing third party risk factors

https://www.helpnetsecurity.com/2019/05/09/iot-third-party-risk/

Excerpt:

“There is a dramatic increase in IoT-related data breaches specifically due to an unsecured IoT device or application since 2017 – from 15 percent to 26 percent – and the results might actually be greater because most organizations are not aware of every unsecure IoT device or application in their environment or from third party vendors, a Santa Fe Group study reveals.”


3 months, 1900 reported breaches, 1.9 billion records exposed

https://www.helpnetsecurity.com/2019/05/09/2019-publicly-reported-breaches/

Excerpt:

“There were 1,903 publicly disclosed data compromise events in the first three months of the year, exposing over 1.9 billion records, according to Risk Based Security.”


LulZSec and Anonymous Ita hackers published sensitive data from 30,000 Roman lawyers

Pierluigi Paganini

https://securityaffairs.co/wordpress/85145/hacktivism/lulzsec-hack-roman-lawyers.html

Excerpt:

“A group of hackers has stolen and published online sensitive data of 30,000 Roman lawyers, including the Mayor of Rome. The announcement was made on Twitter by Lulzsec and Anonymous Ita.”


Unhackable? New chip makes the computer an unsolvable puzzle

https://www.helpnetsecurity.com/2019/05/07/unhackable-chip/

Excerpt:

“A new computer processor architecture that could usher in a future where computers proactively defend against threats, rendering the current electronic security model of bugs and patches obsolete, has been developed at the University of Michigan.”


Cybercriminals targeting social media: Facebook and Instagram are becoming phishers’ favorites

https://www.helpnetsecurity.com/2019/05/03/social-media-phishing-increase/

Excerpt:

“Social media phishing, primarily Facebook and Instagram, saw the highest quarter- over-quarter growth of any industry with a 74.7 percent increase, according to the Vade Secure Phishers’ Favorites report for Q1 2019.”


IT service provider refuses to pay ransom, hackers publish stolen data online

Filip Truta

https://securityboulevard.com/2019/05/it-service-provider-refuses-to-pay-ransom-hackers-publish-stolen-data-online/

Excerpt:

“Multi-vendor service provider CityComp has suffered a breach that resulted in leaked customer data. Some of the German firm’s clients include big names like Oracle, Volkswagen, and Airbus.”


Citrix Confirms Hackers Stole Sensitive Employee Personal Information

Sergiu Gatlan

https://www.bleepingcomputer.com/news/security/citrix-confirms-hackers-stole-sensitive-employee-personal-information/

Excerpt:

“Citrix confirmed that the hackers who successfully breached the company's network stole sensitive personal information of both former and current employees and were able to access internal assets for about six months.”


Consumers increasingly deploying biometrics as PINs and passwords continue to fail

https://www.helpnetsecurity.com/2019/05/02/organizations-deploying-biometrics/

Excerpt:

“The UK is ready to fight fraud with biometrics, according to new research revealed by Nuance on World Password Day.”


Cybercriminals continue to target intellectual property, putting brand reputation at risk

https://www.helpnetsecurity.com/2019/05/02/cybercriminals-target-intellectual-property/

Excerpt:

“Despite improvements in combating cybercrime and threats, IT security professionals are still struggling to fully secure their organization and potect against breaches with 61 percent claiming to have experienced a data breach at their current employer, according to McAfee.”


Mysterious hacker has been selling Windows 0-days to APT groups for three years

Catalin Cimpanu

https://www.zdnet.com/article/mysterious-hacker-has-been-selling-windows-0-days-to-apt-groups-for-three-years/

Excerpt:

“For the past three years, a mysterious hacker has been selling Windows zero-days to at least three cyber-espionage groups, as well as cyber-crime gangs, researchers from Kaspersky Lab have told ZDNet.”


Most adults are concerned about malware and phishing on social media

https://www.helpnetsecurity.com/2019/04/30/adults-social-media-security/

Excerpt:

“More than eighty percent of adults believe that they’re at risk when it comes to security on social media.”


5G brings great opportunities but requires a network transformation

https://www.helpnetsecurity.com/2019/05/01/5g-deployment-plans/

Excerpt:

“Telecom operators are overwhelmingly optimistic about the 5G business outlook and are moving forward aggressively with deployment plans.”