This week we published a security alert about two critical vulnerabilities found in Microsoft when the company released its monthly security updates.
The most important story of this week was the one about the Australian Defence Force being hacked and top secret technical information being stolen from an Australian defence contractor.
Here are some of the other cybersecurity stories of the week that you’ll find in this weekly summary:
It seems that the Equifax saga continues. The company’s website might have been, once again, under the influence of attackers, redirecting users to a fake Flash update.
Another big technology company has fallen victim to a data breach and confirmed that it left a massive store of private data across four unsecured cloud servers. This led to the exposure of highly sensitive passwords and secret decryption keys that could have caused damage to the company and its customers.
This article gives details about five bad cybersecurity habits that could lead to devastating consequences for users.
According to IDC, vendor revenue from sales of infrastructure products for cloud IT, including public and private cloud, grew 25.8% year over year in the second quarter of 2017, reaching $12.3 billion.
Felix Krause revealed a method for phishing Apple ID passwords on iOS that would be quite indistinguishable from a real iOS password request. Following this example, Malwarebytes talks about this tactic used in the Apple ecosystem and how this affects users’ privacy.
Malware authors don’t necessarily need to trick users to enable macros to run malicious code. An alternative method exists, one that takes advantage of another legitimate Office feature called Microsoft Dynamic Data Exchange (DDE). It allows an Office application to load data from other Office applications.
For the second time since 2015, Hyatt Hotels has suffered a breach of customers’ payment card data due to attackers infecting its systems with malware.
Top secret technical information about new fighter jets, navy vessels, and surveillance aircraft has been stolen from an Australian defence contractor. According to an investigation by the Australian Signals Directorate (ASD), it seems that the company had not changed the default passwords on its internet-facing services. It used basic (and too simple) passwords: the admin password was ‘admin’ and the guest password was ‘guest’.
DDoS attacks on two separate days have brought down several IT systems employed by Sweden’s transport agencies, causing train delays in some cases.
This new Android ransomware is based on the foundations of a particular banking Trojan, known for misusing accessibility services of the Android operating system. Known as DoubleLocker, it doesn’t have the functions related to harvesting users’ banking credentials and wiping out their accounts.