Breach Trends and Insights Report: September 2020

This report summarises the top breaches between mid-August and 15th September 2020. It will help you keep track of the latest hacks and, by looking at the trends, give you insights to safeguard your organization.

The most common breach trends identified were:

  • Hacking – Twitter
  • Operational Errors – Social Media Breach (Misconfigured DBs)
  • Social Engineering Attacks/ Phishing Attacks – Paytm Mall Breach, SANS Institute
  • Malware (Ransomware) – ETERBASE 

Twitter Says Security Flaw May Have Exposed Android Users' Direct Messages

As per Twitter, a certain vulnerability may have exposed the direct messages of Android users.

“This vulnerability could allow an attacker, through a malicious app installed on your device, to access private Twitter data on your device (like Direct Messages) by working around Android system permissions that protect against this,” the company said in a blog post. 

They also stated that there is no evidence that the Android vulnerability has been exploited by hackers.

Source – Twitter Blog 

Social Media Breach – TikTok, Instagram, and YouTube

Public-facing profiles of over 235 million users were compromised because of misconfigured online databases. Comparitech teamed up with Bob Diachenko to uncover three identical copies of the data on August 1, left online with no password or other authentication required to access it.

In total, 192 million profiles were scraped from Instagram, 42 million from TikTok, and 4 million from YouTube.

Source – Infosecurity Magazine

Paytm Mall suffers a massive data breach

The eCommerce arm of Paytm has suffered a massive data breach according to US-based research firm Cyble. The hackers have demanded a ransom of 10 ETH amounting to $4000. 

Hacker group John Wick is behind the breach, according to Cyble. According to experts, the group hacks databases of companies under the guise of offering help to fix bugs in their systems. “This (breach) was tipped off to us from an ‘alleged’ ex-cartel member of a credible hacking group ‘John Wick’,” the company said in a blog post.

Source – Economic Times 

Hackers Attack European Crypto Exchange ETERBASE, Steal $5.4 Million

Crypto exchanges are a favorite target for hackers because of the amount of money one can steal. This time ETERBASE, a cryptocurrency exchange based in Bratislava, Slovakia, was attacked and more than $5 million was stolen.

Eterbase confirmed the news on its Telegram and Twitter channels on Tuesday, stating that six hot wallets of the exchange containing ether (ETH), ERC-20 tokens, bitcoin (BTC), XRP, Algorand (ALGO), and Tezos (XTZ) were compromised.

Source – Hackread.com

SANS Institute Phishing Attack – 28000 Records Lost

Hundreds of emails from an internal account were forwarded to an unknown third party. Over 28000 records were compromised.

The global cybersecurity training and certifications organization said in a statement that the incident came to light on August 6 after a regular review of email configuration identified a “suspicious forwarding rule.”

“This rule was found to have forwarded a number of emails from a specific individual’s e-mail account to an unknown external email address,” it continued.

Source – Infosecurity Magazine
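The SANS incident above was caught by a routine review of mail configuration. The following sketch of such a review is an added example, not code from SANS or FireCompass: it scans an export of mailbox rules and reports every rule that forwards or redirects mail outside the organization. The JSON export format, field names and domains are assumptions constructed for illustration.

```python
import json

# Constructed sample: mailbox rules in a hypothetical JSON export format.
SAMPLE_EXPORT = json.dumps([
    {"mailbox": "alice@example.org", "name": "Newsletters", "enabled": True,
     "actions": {"move_to_folder": "News"}},
    {"mailbox": "bob@example.org", "name": ".", "enabled": True,
     "actions": {"forward_to": ["Archive@Mail.Example.ORG",
                                "drop@external.test"]}},
    {"mailbox": "carol@example.org", "name": "old", "enabled": False,
     "actions": {"redirect_to": ["carol@personal.test"]}},
    {"mailbox": "dave@example.org", "name": "team", "enabled": True,
     "actions": {"forward_as_attachment_to": ["team@example.org"]}},
])

# Action keys (hypothetical names) that send a copy of mail elsewhere.
FORWARDING_ACTIONS = ("forward_to", "redirect_to", "forward_as_attachment_to")


def is_internal(address, internal_domains):
    """True if the address's domain is an internal domain or a subdomain."""
    domain = address.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    return any(domain == d or domain.endswith("." + d)
               for d in internal_domains)


def find_external_forwarding(export_json, internal_domains):
    """Return one finding per external recipient of a forwarding rule.

    Disabled rules are reported too (with enabled=False): a disabled rule
    may have been active earlier and still deserves a look.
    """
    internal = {d.lower() for d in internal_domains}
    findings = []
    for rule in json.loads(export_json):
        actions = rule.get("actions", {})
        for action in FORWARDING_ACTIONS:
            for recipient in actions.get(action, []):
                if not is_internal(recipient, internal):
                    findings.append({
                        "mailbox": rule["mailbox"],
                        "rule": rule.get("name", ""),
                        "action": action,
                        "recipient": recipient,
                        "enabled": rule.get("enabled", True),
                    })
    return findings


if __name__ == "__main__":
    for f in find_external_forwarding(SAMPLE_EXPORT, ["example.org"]):
        print(f)
```

Matching on the domain or a dot-prefixed subdomain avoids treating look-alike domains such as `notexample.org` as internal.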

Hackers Launch Customized Ransomware Attacks

A new ransomware operation has been found, dubbed Darkside. It launches customized attacks and asks for millions of dollars as a payout. A similarity in source code implies these threat actors could be following in the footsteps of GandCrab and REvil ransomware.

Ransomware attacks have been booming for several months. New ransomware like VHD, Ensiko, and several others have surfaced in the market, while almost all major law enforcement agencies, such as Interpol and the FBI, have been busy alerting users about the sharp increase in ransomware-related activities.

Source – Cyware.com

FireCompass Insights On this Month’s Breaches 

We have seen an increase in phishing attacks in the last month. A few steps can be taken to curb them:

  • Awareness – Bring awareness about spoofing emails/ phishing emails
  • Provide Training – which educates employees on why phishing is harmful and on how to detect and report phishing attempts
  • Phishing Simulation – which tests whether employees apply the training under real-world conditions and reinforces the lessons when they don’t
  • Reporting – A defined process for reporting spoofing emails helps employees detect them and alert the Security Team

There has been a 300% increase in Ransomware Attacks in 2020. 27% of Malware incidents were Ransomware Attacks (according to the Verizon Data Breach report 2020). Ransomware attacks have increased due to the COVID lockdown, and the increase can be traced to the following reasons:

  • Employees' inability to detect phishing attacks
  • Increase in remote working
  • Security Teams unaware of open risky ports and unpatched servers
