Stay up to date with the latest cyber-attacks, data breaches and cyber news from around the world in Celerity's weekly cyber-security round up.
Picture This… 7 Months To Identify A Data Breach
An online photo sharing website designed for photographers to share and licence images has only just identified a data breach that occurred in July 2018. 500px forced a password rest for all its users this week in a response to the discovery and with a reported 15 million photographers signed up to the site, it seems that this has been a significant breach. The stolen data included: users’ names, email addresses, DOB, hashed passwords, gender and city. The company insists that no financial information was stolen, but some reports suggest that the breached data is already up for sale on the dark web. You may think that 7 months is a long time to identify a data breach, however, a 2018 Ponemon Institute report suggests that the average number of days attackers are in a system before they are detected is 197.
It was reported on Valentine’s day that Malta’s largest bank, in which the Maltese government is the largest shareholder, became the target of a cyber-attack. The hackers attempted to withdraw a hefty 13 million euros and transfer the funds to banks in the Czech Republic, Hong Kong and Britain. The bank decided to shut down its IT systems, ATM’s and branches in order to deal with the cyber-attack.. The good news is that no customers’ accounts were compromised and the transactions have been traced and are currently “being reversed” commented Prime Minister Joseph Muscat. It doesn’t matter what sector or how big your organisation is; everyone, everywhere is a target.
New Strain Of Shlayer MacOS Malware Discovered
Ever had an Adobe Flash Player update pop up whilst you’re surfing the net? Yes? Well avoid clicking that link and downloading any software, especially if you’re a mac user. A new strain of the Shlayer malware that targets macOS versions 10.10.5 up to 10.14.3 has been discovered. The malware uses a 2-stage attack in which it initially analyses the macOS version and then runs malicious script. This can then lead to the malware downloading further software such as adware as found in some samples taken by Carbon Black, the company who discovered the new strain.
We will be back next week with another round up of cyber-security news.
Remember: cyber-attacks are a matter of 'when' not 'if' - be prepared!