<img src="//pixel.quantserve.com/pixel/p-_JKXxuL8SR7wu.gif?labels=_fp.event.Default" style="display: none;" border="0" height="1" width="1" alt="Quantcast">
blog-banner.jpg

Next-Gen CASB Blog

Bitglass Security Spotlight: Rakhni Trojan Evolving

By Jacob Serpa | August 1, 2018 at 5:17 AM
Businessman holding a newspaper while having breakfast in his kitchen.jpeg

Here are the top cybersecurity stories of recent weeks: 

  • Rakhni Trojan installs ideal malware for each computer
  • Hackers steal Macy's customers' credit card details
  • Unchanged default password exposes military data
  • Polar Flow app reveals location of military personnel
  • Social media app Timehope breached

Rakhni Trojan installs ideal malware for each computer

As malware continues to evolve, newer, more frightening capabilities keep rising to the surface. The Rakhni Trojan highlights this reality as a context-aware threat that installs malware best suited for the systems that it is infecting. As an example, for computers that have cryptocurrency wallets already installed, Rakhni will deploy ransomware that encrypts the device and requires victims to pay a cryptocurrency ransom for decryption. 

Hackers steal Macy's customers' credit card details

Malicious individuals recently gained access to sensitive information belonging to Macy's online customers. While Macy's detected the suspicious activity and blocked the accounts, hackers are still believed to have gained a handful of credit card numbers, usernames, and passwords. Enterprises must remain vigilant in defending against these kinds of threats. 

Unchanged default password exposes military data

A hacker has successfully stolen a number of sensitive military documents. Maintenance course books and operation manuals for tanks, drones, and more were left exposed when an IT team failed to change the default password on a router used within a military base. Unfortunately, these sensitive files are now for sale online.

Polar Flow app reveals location of military personnel

A popular fitness app that tracks user movement, Polar Flow, has inadvertently exposed the home addresses of military personnel, including spies. For any individual who altered a particular Polar Flow website URL, the data was readily available. Obviously, this kind of information can lead to a variety of national security concerns. 

Social media app Timehop breached

An application that presents users with their old posts from social media, Timehop, was recently breached. Approximately 21 million users had their data exposed in the breach – data ranging from full names to phone numbers and email addresses. The data was exposed through a lack of cloud security – tokens granting access to said information were readily accessible to hackers.

To learn about cloud access security brokers (CASBs), advanced security tools built for the cloud, download the Definitive Guide to CASBs below. 

Download the Solution Brief