The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
British Lawmakers’ Logins Targeted
Over the last week, multiple parliament members and other lawmakers in the UK have been the focus of cold-callers attempting to gain login credentials, following a successful brute force attack that compromised the credentials of several other officials. Passwords for the remainder of the parliamentary staff have received a force reset to avoid any further exploitation of their systems.
Banks Still Struggle with Security
The Online Trust Alliance recently conducted an anonymous study of 1,000 websites across many different sectors, to test for security, privacy, and consumer protection. Of the 100 largest US banks in the study, only 27% passed all 3 categories, while 65% failed in at least one category. Although the American Banking Association still believes that banks are the current standard for security, the long list of breaches throughout the last year alone leave many consumers questioning just how secure their banks really are.
Sabre Breach Exposes Google Employee Data
In the past few days, Google has been sending out notifications to employees after Sabre Hospitality Services experienced a breach in their reservation system. While the breach appears to have occurred between August 2016 and March 2017, most employees’ data should still be secure, since Sabre automatically deletes reservation details after 60 days. In addition to Google employees, this breach may affect anyone who has used Sabre booking services during the suspected breach period. Those who believe they may have been affected should check their billing statements regularly for discrepancies.
Feedback Scammers Pick 5,000 Companies to Extort Millions
Scammers are now using the .feedback top-level domain (TLD) to extort money from companies. The TLD exists so companies can invite their customers to provide comments on their services. Sounds pretty swell, but only if the company is the first to register the .feedback domain for their brand. A new group of scammers has created domains for 5,000 top companies, with the demand that companies either pay monthly to receive the feedback their customers submit, or pay a lump sum to have the site taken down entirely.
Mozilla Site Security Review Has Shocking Results
Mozilla just completed a study of the top 1 million websites to determine their overall ability to protect visitors from various types of cyberattacks. Unfortunately, nearly 94% of study participants received an “F” across the 13-point test. While an increasing number of sites continue to improve their security year-over-year, the majority still have a long way to go.