CSS News Round-Up: Fitness Store Website Targeted By Hackers

News Round-Up – Get a Quick Rundown of What You Need to Know

 

The Converged Security News Round-Up looks into recent reports and journalism covering converged security threats and trends affecting all industries. You can suggest articles to us on LinkedIn and on Twitter at @ConvergedSecSol. Visit our services page to learn more about the CSS suite of services, including managed security services and end-to-end cyber-and-physical protection.

Bodybuilding.com Targeted by Hackers

Popular fitness store website Bodybuilding.com fell victim to a data breach dating back to February of this year. The hackers succeeded in hacking the company’s systems via a phishing email from July 2018, Info Security states. Possible information accessed includes names, email addresses, phone numbers, billing and shipping addresses, birth dates, order history, and profile information. For those that stored card information with the website also likely had the last four card digits exposed.

Swiss Manufacturer Becomes Latest Victim of Ransomware

Following closely behind the recent Norsk Hydro ransomware attack, another manufacturing company, Aebi Schmidt, has been hit as well. According to Help Net Security, “At the moment, only their Windows and Microsoft-based systems are affected, and had to be temporarily switched off.” However, the process of turning them back on has begun but will take a fairly long time. The article also notes that the specific strain of ransomware is still unknown. Aebi Schmidt was not able to access their systems used for manufacturing operations after the incident.

235% Jump in Cyberattacks on Businesses

A recent Info Security article notes that cyberattacks on businesses have skyrocketed by 235% in the first quarter of 2019. Additionally, cybercriminals are more so focusing on attacking businesses than they are individual consumers. As for ransomware specifically, says Info Security, “Consumer detections decreased 10% from the previous quarter and 33% year-on-year, whereas attacks against corporate targets surged 195% from the previous quarter and over 500% from the same time last year.” Cryptomining malware detections have just about disappeared for consumers, which the article states may be a result of the discontinuing of Coinhive.

Iranian Ride-Hailing App Exposes Millions of Drivers’ Data

A popular app for ride-hailing services in Iran accidentally leaked millions of drivers’ data through an unsecure MongoDB database, says Hack Read. After discovering that the database existed and exposed real peoples’ data, researchers discovered that Tap30 is the company it belonged to. It was also found, states the article, that no criminals downloaded the full database and the company has resolved the issue. No other similar incidents were found by the researchers.

Who Are the Main Targets of Employee-Focused Email Threats?

Help Net Security recently discussed which employees are the greatest targets of email-borne cyber threats. It was found that lower-level employees were targeted far more often than higher-level ones, with R&D/Engineering workers topping the list. 30% of malware and credential phishing that took place used general company emails, Help Net says. There was also a 40% increase in company social media impersonation according to the article, creating a whole new set of risks.

Converged Security Solutions provides our clients with measurable value by better quantifying, reducing, and managing security risk through assessments, remediation, and monitoring of IT and critical infrastructure. Our services span cyber and physical security to address the growing complexities in a world with internet enabled devices. Contact us to learn how we can help your organization.