The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls
DATAINSIDER

Digital Guardian's Blog

Friday Five: 5/1 Edition

by Amanda Brown on Friday May 1, 2020

Contact Us
Free Demo
Chat

Australia's contact tracing app sparks privacy concerns, Shade ransomware ceases operations, and Google Play deals with malicious apps. Catch up on the week's news with the Friday Five!

1. Australia Launches Controversial Coronavirus Contact Tracing App by Reuters

As Australia prepares to ease restrictions relating to the coronavirus and get its country and economy back on normal footing, officials there continue to worry about the risk of another flare up. Fortunately, Australia and neighboring New Zealand managed to control its coronavirus outbreak before its public health systems was strained, but the country acknowledges that it isn't out of the woods yet. On Sunday, the Australian government launched an app, based on Singapore’s TraceTogether software and using Bluetooth signals to log when people have been close to one another, to help health officials trace people potentially exposed to infections. Civil liberties groups have criticized the app as an invasion of privacy, but the government assured people there that the app does not track location and that no one would have access to that data besides public health officials. The topic of privacy around these contact tracing apps has been an issue almost everywhere. South Korea and Israel, for example, are using high-tech methods to track people’s locations through centralized, surveillance-based approaches. The way Australia chooses to handle transitioning back to normalcy with the use of this app could serve as an example for others, if successful.

Read more

2. Hackers’ Malicious Script Skimmed Credit Card Details Off Robert Dyas Website By Graham Cluley

The UK DIY, electricals, and houseware chain, Robert Dyas, has revealed to customers that a malicious code was skimming credit card details on their payment page between March 7 to March 30 of this year. This poses quite the problem, as most people have been ordering goods via websites, rather than visiting stores, due to coronavirus concerns. The JavaScript code was likely planted on Robert Dyas’ site by compromising the website infrastructure or by planting the malicious code in a third-party script used by the site. The code silently harvests customers’ personal data and payment card information as its entered into an online form, and then sends that information to hackers. The company has fixed the vulnerability and is “confident that the incident has been resolved,” but customers who purchased goods while the site was infected are encouraged to keep a close eye on their financial statements for any unusual transactions.

Read more

3. Shade Ransomware Shuts Down, Releases 750K Decryption Keys by Lawrence Abrams

This ransomware news is a bit different from what we normally see in the headlines: The operators behind Shade strain of ransomware, which has been functioning since around 2014, has shut down operations, released over 750,000 decryption keys, and apologized for any harm that they caused their victims. The group mostly targeted people in Russia and Ukraine and had steadily distributed ransomware over the years until the end of 2019 when it decided to stop. In the GitHub repository that it created, the group included five master decryption keys, over 750,000 individual decryption keys for victims, instructions on how to use them, and a link to the group's decryption program. “We apologize to all the victims of the trojan and hope that the keys we published will help them to recover their data,” the GitHub post states. Researchers confirmed that the keys are valid, but using a decryptor is not very straightforward, and victims may have trouble getting it to work correctly.

Read more

4. Google Play has Been Spreading Advance Android Malware for Years by Dan Goodin

Researchers have revealed that hackers have been distributing an unusually advanced backdoor that’s capable of stealing a wide range of sensitive data by using Google Play. At least eight Google play apps that date back to 2018 have been recovered, and it's likely that more malicious apps from the same advanced group have been on Google’s official market since at least 2016. Google uses a vetting process to keep malicious apps out of Play but attackers used several effective techniques to bypass the security process. One of the techniques was to submit a benign version of an app initially, and then add the backdoor only after the app was accepted. Over time, the backdoor collected data about infected phones including the hardware model, the Android version it ran on, and any apps that were installed. After the attackers downloaded malicious payloads specific to the infected device, they could collect locations, call logs, contacts, text messages, and other sensitive information. Google has removed recent versions of this malware shortly after being notified by researchers, but many remain available on third-party markets.

Read more

5. Healthcare Targeted by More Attacks but Less Sophistication by Robert Lemos

It’s not news that healthcare organizations have been experiencing an increase in security breach attempts amid the COVID-19 pandemic. Security experts claim the fraud attempts aren't very sophisticated however. While organizations saw a 30% increase in COVID-19-themed phishing sites and lures last month, the number of successful breaches did not significantly increase. The downturn of the global economy has likely forced some people to turn to cybercrime but many of those people aren't sophisticated actors. While some hackers have vowed not to attack healthcare firms, some are continuing, with 14% of attacks in the first quarter targeting the healthcare sector, according to reports. Healthcare companies have struggled with securing their networks due to older, unpatched operating systems and tighter budgets after cancelling elective surgeries and turning away many patients. Ransomware groups continue to target healthcare companies due to their reputation for paying ransom.

Read more

Tags: Privacy, Ransomware, Malware, Data Breach

Recommended Resources


  • The seven trends that have made DLP hot again
  • How to determine the right approach for your organization
  • Making the business case to executives
  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business

Amanda Brown

Amanda is a Field Marketing Coordinator at Digital Guardian.