The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls
DATAINSIDER

Digital Guardian's Blog

Friday Five: 11/18 Edition



It's Friday! Catch up on the top infosec headlines with our weekly news roundup.

1. Adult Friend Finder and Penthouse hacked in massive personal data breach by Samuel Gibbs

Another mega-breach surfaced this week. Friend Finder Networks, an adult dating and porn site, was hacked in October and personal information from more than 412 million accounts was exposed. One of the largest breaches ever recorded, this hack included email addresses, passwords, IP addresses and more. Hacked sites associated with Friend Finder Networks include Adult Friend Finder, Cams.com, Penthouse.com, and more. This isn’t Friend Finder Networks’ first data breach. Last year, data from nearly 4 million users of Adult Friend Finder was leaked. For more on the breach, check out The Guardian.

2. New Ransoc extortionists hunt for actual child abuse material by John Leyden

A new ransomware by the name of Ransoc has been unleashed and targets computers with potential evidence of child abuse material. Once it finds evidence of these files, the malware scrapes Skype and social media profiles to come up with a personalized penalty notice threatening to turn the user over to law enforcement if they fail to pay the ransom. Rather than using file encryption, Ransoc uses extortionist social engineering to get users, whose reputations are on the line, to cough up the money. Ransoc also has a code allowing it to access webcams. Because its targeted victims are likely to have downloaded child abuse material, Ransoc is considered more potent since they’re less likely to seek support from law enforcement. For more information, read the full article.

3. 3 Mobile UK Hacked – 6 Million Customers’ Private Data at risk by Mohit Kumar

Friend Finder Networks wasn’t the only large data breach that came to light this week. 6 million users were compromised when hackers gained access to the customer phone upgrade database of Three Mobile, one of the UK’s largest mobile operators. Stolen data can easily be used to carry out mobile phone fraud and phishing attacks. According to Three, the hackers wanted to find customers who were eligible for upgrades, place orders for new phones, intercept the parcels, and resell them for profit. 3 men were arrested as part of the on-going investigation but were released on bail. For more info, read the full article.

4. Apple Keeps Constant Log Of iPhone Calls In iCloud, Warns Cop Contractor by Thomas Fox-Brewster

Whether you want to or not, Apple backs up all iPhone call logs going back up to four months in the iCloud. Even if you disable your backups, your call logs will still make their way to the cloud. In fact, it happens almost in real-time. Of course, you can completely disable your iCloud but then, anything else you want to back up won’t be and applications that use iCloud will stop working. This is good news for law enforcement who won’t have to hack a phone but will just need the iCloud login, which given a warrant, Apple will hand over. However, it can be considered a vulnerability for people who need or want the privacy of hidden call logs that third parties can take advantage of. Read the full story on Forbes.

5. $5 'Poison Tap' hacks locked computers by BBC News

To add to the arsenal of USB hacking devices like Rubber Ducky, Samy Kamkar, a developer, has created Poison Tap. For $5, it can hack into an unattended computer even if the screen is locked. The device plugs into a USB port and pretends to be the Internet to hijack traffic. If your browsers are open, it can steal your cookies and access any websites you use without the need for a username or password. So make sure you close your browser every time you leave your computer, even if it is locked. For more, head to BBC.

Ellen Zhang

Ellen Zhang

Ellen is the Acquisition Marketing Manager at Digital Guardian, with nearly half a decade of experience in the cybersecurity industry. As the company's SEO and PPC manager, Ellen has spent numerous hours researching information security topics and headlines.