Here are the top cybersecurity stories of recent weeks:
- 440 million email addresses exposed by Veeam
- Unprotected MongoDB databases being targeted
- 42 million emails, passwords, and more leaked
- Cold-boot attacks steal passwords and encryption keys
- 2 billion devices still vulnerable to Bluetooth attack
Data management company Veeam has ironically mismanaged hundreds of millions of users' data. A public-facing database exposed 440 million users' email addresses, names, and, in some circumstances, IP addresses. While this leak may seem innocuous, names and email addresses are all that is needed to conduct targeted spear phishing attacks.
The rise of the Mongo Lock attack is seeing improperly secured, poorly configured Mongo DB databases being targeted in a ransomware-like fashion. In these attacks, hackers scan for publicly accessible databases, remove their contents, and demand a Bitcoin ransom in exchange for having data returned.
A public hosting service that allows individuals to upload files for free was recently found to contain a massive amount of personal data. Over 42 million email addresses and passwords, as well as partial credit card numbers, were found within the platform. As noted in the Veeam section, hackers can easily use this type of data to conduct targeted spear phishing campaigns and steal more sensitive information.
A new cold-boot attack can take information in under two minutes from unsuspecting victims. The attack, which is further detailed at the above link, involves stealing information from RAM, or random access memory. Through this tactic, passwords and even encryption keys can be stolen. Fortunately, hackers need physical access to a computer to execute this kind of technique. Rather than allowing a system to sleep, forcing it to hibernate or shut down is a helpful defense.
One year ago, BlueBorne, a collection of vulnerabilities in devices that leverage Bluetooth, was revealed. Unfortunately, despite the fact that an entire year has gone by, 2 billion devices remain exposed. This is due to systems that have not been patched, systems that cannot be patched, and more.
To learn about cloud access security brokers (CASBs) and how they can protect your data from the ever-growing number of cyberthreats, download the Definitive Guide to CASBs below.