The Week in Cyber Security News, June 15 - 21
01. Postbank, the banking division of South Africa's Post Office, has lost more than $3.2 million from fraudulent transactions and will have to replace more than 12 million cards for its customers after employees printed and then stole its master key.
02. Intel intends adding hardware protection against common malware attacks into its processors. The protection targets three types of attacks used by malware writers and can be enabled by software developers.
03. Six senior eBay employees have been charged with intimidating and cyber-stalking the couple behind an online newsletter whose media coverage they didn't like.
04. The Department of Homeland Security and CISA ICS-CERT has issued a critical security advisory warning about more than a dozen vulnerabilities affecting billions of IoT devices manufactured by over 500 vendors across the globe.
05. In a series of data breach notifications, IT services giant Cognizant has stated that unencrypted data was most likely accessed and stolen during an April Maze Ransomware attack.
06. Fraudulent Android app developers have been discovered trying to manipulate Google’s Play Store security by removing suspicious code before adding it back in to see what trips detection systems.
07. Google has removed 106 Chrome browser extensions from its Chrome Web Store in response to a report that they were being used to siphon sensitive user data.
08. It's been revealed that 79 Netgear router models are vulnerable to a severe security flaw that can let hackers take over devices remotely.
09. Amazon says its online cloud, which provides the infrastructure on which many websites rely, has fended off the largest DDoS attack in history.
10. Many of the CIA's most sensitive hacking tools were so poorly secured that it was only when WikiLeaks published them online in 2017 that the agency realised they had been compromised.
CIA hacking tools were 'poorly secured'11. An IT specialist at the US' Federal Emergency Management Agency (FEMA) is facing a 43-count indictment for hacking databases at the University Of Pittsburgh Medical Center, a non-profit health care organization.
12. Advanced Micro Devices (AMD) plans to release firmware updates to fix a trifecta of bugs, which allow attackers to take control over the UEFI firmware of AMD CPUS and inherently the entire computer, affecting its CPUs released between 2016 and 2019.
13. A new report has shown that European and North American countries are the least exposed to cyberattacks, whereas 40% of South American and Asia-Pacific countries, and 75% of African countries are classified in the high and very high exposure groups.
14. One-in-five adults who use the internet said European and North American countries are the least exposed to cyberattacksthey had experienced cyber fraud or computer misuse, and while most victims reported no impact on them, they changed their online behaviours as a result.
15. Ten years worth of data from over 200 US police departments, amounting to nearly 270 gigabytes and hundreds of thousands of potentially sensitive files, have been leaked.
. . .
If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.
