Here are the top stories of recent weeks:
- 250 Million Customers Exposed in Microsoft Data Leak
- Mitsubishi Electric Claims China is Responsible for Recent Breach
- NSA Steps in to Offer Cloud Security Guidance to Businesses
- London Street Pedestrians to Be Monitored via Facial Recognition
- U.S. Government Warns of Destructive Malware, Emotet
Tech giant, Microsoft, failed to uphold the most common security requirement – password protection, for a database that contained personal information on more than 250 million customers. The database is said to have customer information dating back to 14 years, in some cases. Microsoft has been in the news a lot lately and not for the right reasons. There is a current zero-day threat that has yet to be addressed, which is concerning considering that the organization has allotted $1billion towards cybersecurity.
A major security breach has been reported by one of the world's leading electronic and electrical equipment manufacturers, Mitsubishi Electric. A Chinese-linked malicious cyber group, Bronze Butler, known for targeting Japanese enterprises over the years is being blamed. According to the Tokyo-based corporation, the breach occurred on June 28th, 2019, however, it did not disclose the incident until January 2020. The hackers compromised tens of PCs and servers in Japan and overseas, totaling 200 MB in leaked files. Mitsubishi only denied that business partners and defense contracts were affected.
A new document released by the National Security Agency (NSA) separates cloud vulnerabilities into four categories and elaborates on mitigation tactics that may reduce the likelihood of a breach. The government agency states the most common threat vectors that organizations operating in the cloud may encounter, as well as how the malicious groups carry out these acts. In light of the ever growing number of data breaches that have affected organizations in all industries, the NSA hopes to shed some much needed light on threat mitigation and how to deploy proper security measures.
London’s Metropolitan Police has announced that it has plans of deploying live facial recognition cameras throughout the capital. Specific pockets of the capital are being targeted as they experience crime more frequently. While this initiative is aimed at stopping some of London’s most dangerous criminals, similar technology is widely used throughout the UK – in the private sector. Civil rights groups are campaigning against the mass surveillance tool as it aims to reject citizens' privacy rights.
The dangerous banking trojan, Emotet, has been doing the rounds for more than five years and it is back with a vengeance. CISA Director, Christopher Krebs, has been tweeting about a recent spike in Emotet malware attacks. Krebs urged that all organizations should take this warning seriously, as the credential-theft tool is frequently used to target state, local, territorial governments – as well as the private and public sector devices. According to Krebs, the widely distributed banking malware has been a precursor for ransomware operations.
To learn about cloud access security brokers (CASBs) and how they can protect your enterprise from data leakage, malware, and more, download the Top CASB Use Cases below.