Reading Time: ~2 min.
Members of British Parliament Targeted by Phishing Attack
Dozens of MPs from the UK were recently subjected to malicious
spam and unauthorized solicitations via their mobile devices. Fortunately,
as this wasn’t the first phishing attempt on MPs, many were quick to delete any
unusual messages and quickly warned others to do the same. Due to the ease of
mounting such an attack, phishing campaigns can be extremely effective,
especially when deploying social engineering tactics to increase the victim
pool.
Major African Utility Company Breached
One of the largest energy
providers on the African continent suffered a data breach this week,
brought on by an employee downloading a game onto a corporate device. Along
with introducing a fairly sophisticated banking Trojan onto the system, the
employee also allowed for a database containing sensitive customer information
to be made available to the attackers. Even more worrisome, the utility company
was only made aware of the breach after an independent security researcher
attempted to contact them about the stolen data via Twitter.
Cryptocurrency Exchange Collapses After CEO Death
A Canadian-based cryptocurrency
exchange was recently faced with a major dilemma after the untimely death
of their CEO and only person to have access to the offline coin storage wallet.
With more than $100 million worth of cryptocurrency current tied up in the
exchange, many customers quickly found themselves without access to their
funds, possibly indefinitely. Having a single point of failure is a critical,
and easily avoidable, issue for any digital company.
Fast Food POS Breach
A new breach has been discovered that could affect any
customers who paid with a credit card at any Huddle
House fast-food locations over the past two years. While the specific
malware variant is still unknown, there were obvious signs of credential
stealing and other information gathering tactics. Huddle House has since been
working with law enforcement and credit companies to help potential victims
with credit monitoring.
Google Play Removes Porn Apps
In another wave of cleaning up the Google Play store, the
company recently removed 29 apps that were disguised as photo
or camera apps but would instead steal user photos and display a steady
stream of pornographic advertisements. The apps had all been downloaded between
100,000 and 1 million time each, and were often extremely difficult to remove,
even hiding the app icon entirely. Additionally, some of the apps would display
as a photo editor, encouraging users to upload any extra pictures that weren’t
already stolen.
The post Cyber News Rundown: Phishing British Parliament appeared first on Webroot Blog.