
Digital Guardian's Blog

Friday Five: 7/5 Edition

by Lewis Mustoe and Hayley Donaldson on Friday July 5, 2019


Cracking a five-year Facebook malware campaign, this week's CDN outage, and an app fined for leaking users' photos - catch up on the week's news with this recap!

1. Researchers crack open Facebook campaign that pushed malware for years by Dan Goodin

Security researchers discovered this week that for the past five years a network of malicious Facebook accounts used Libyan news to infect thousands of people’s devices with malware. Researchers first noticed these malware links in Facebook posts that impersonated Field Marshal Khalifa Haftar, the commander of Libya’s National Army. The attacker utilized URL-shortening services to create many of the links and used more than 30 Facebook pages to spread them. The attacker was able to infect users using customized content, valid websites, and highly active pages with a significant number of followers. Almost all of the malware associated with this network was tied to command and control servers that security researchers were able to link to a Facebook account that posted private documents, such as Libyan government officials’ passport photos, emails, and phone numbers. To combat the issue, Facebook took down these pages and accounts and asserted the service will continue to invest in technology to detect malicious activity on its platform.


2. Gay dating app fined $240,000 for leaking nude and private photos by Catalin Cimpanu

The Office of New York Attorney General Letitia James fined Online Buddies, the maker of Jack’d, a dating app for gay and bisexual men, $240,000 and asked the company to improve its security measures after it violated its user privacy policy. Online Buddies told users that it would protect their personal information and prevent unauthorized access to their private photos, but the exact opposite happened: users’ private photos were leaked online for more than a year. In February 2018, a security researcher informed Online Buddies that its users’ nude and private photos were accessible on an AWS S3 server, but the company failed to react. Online Buddies could have informed Jack’d users about the situation, used stopgap protections, implemented logging to spot unauthorized access, or changed its policy regarding securing its users’ photos and personally identifiable information.


3. Cloudflare’s recent 502 bad gateway outage blamed on bad software by Waqas

Cloudflare, the internet’s largest content delivery network (CDN), dealt with a service disruption this week that resulted in thousands of Cloudflare-proxied domains returning “502 Bad Gateway” errors. According to CTO John Graham-Cumming, the outage only lasted about 30 minutes and was caused by a bad software deployment. Cloudflare says it's looking into these performance problems.


4. Huge jump in cyber incidents reported by finance sector by Warwick Ashford

The financial services industry in the UK has seen a massive spike in cybersecurity breaches since 2017, reporting an increase from 69 incidents in 2017 to 819 in 2018. Retail banks were the victims of 60% of attacks, with wholesale banks facing about 15%. The rest of the attacks hit investment banks and other institutions. Third-party failure was at fault for 19% of the incidents, which has led to the FCA calling for stronger cybersecurity within companies responsible for massive financial assets. Steve Snaith, a technology risk assurance partner at RSM, an international accountancy firm, believes that even though the increase is concerning, firms are also becoming more proactive in reporting attacks to regulators, which may have inflated the statistics. The threat of cyber attacks will always be present, so it's vital that companies combine innovative technology with the right people in order to adequately protect their sensitive data.


5. Florida city fires IT employee after paying ransom demand last week by Catalin Cimpanu

Following up on our story from last week regarding the government data breach in Lake City, Florida: the IT employee responsible for the breach has been fired. After an employee opened a document that infected the town's computers, Lake City was held to ransom on June 10th for the release of its information. The town was forced into paying 42 Bitcoin (about $500,000) to the ransomware gang, which eventually returned the files to the town's IT staff to be decrypted. This attack was not the first involving city information, and many officials are becoming aware of the trend after two other Florida cities were recently breached. Moving forward, city officials plan on investing heavily in IT and cybersecurity while also taking the time to train employees on how to detect and handle potential attacks.


Tags: Financial Services, Ransomware, Privacy, Malware
