InfoSec News Nuggets 10/29/2019

1 - UniCredit reveals data breach exposing 3 million customer records
UniCredit has revealed a data breach resulting in the leak of information belonging to three million customers. On Monday, the Italian bank and financial services organization said that a compromised file, generated in 2015, is the source of the security incident. In total, roughly three million records were exposed, revealing the names, telephone numbers, email addresses, and cities where clients were registered. While UniCredit caters to an international…

InfoSec News Nuggets 10/28/2019

1 - Facebook starts testing News, its new section for journalism
Facebook’s news section, which was previously reported to be imminent, is here: The company is rolling out Facebook News in a limited test in the U.S. as a home screen tab and bookmark in the main Facebook app. In a blog post, Facebook’s Campbell Brown (vice president of global news partnerships) and Mona Sarantakos (product manager, news) said that news articles will continue to appear in the main…

InfoSec News Nuggets 10/24/2019

1 - Ransomware Hits B2B Payments Firm Billtrust
Business-to-business payments provider Billtrust is still recovering from a ransomware attack that began last week. The company said it is in the final stages of bringing all of its systems back online from backups. With more than 550 employees, Lawrence Township, N.J.-based Billtrust is a cloud-based service that lets customers view invoices, pay, or request bills via email or fax. In an email sent to customers today, Billtrust said…

InfoSec News Nuggets 10/23/2019

1 - Vatican's wearable rosary gets fix for app flaw allowing easy hacks
The road to internet-connected salvation is paved with cybersecurity issues. The Vatican discovered that Thursday, after a security researcher disclosed a severe vulnerability with the "Click to Pray" eRosary app. On Wednesday, the Vatican announced its $110 wearable rosary, an internet of things device that syncs with an app from the Pope's Worldwide Prayer Network. One advantage of IoT devices is that they open up a…

InfoSec News Nuggets 10/03/2019

How an AI trained to read scientific papers could predict future discoveries
In the new study, an AI learned to retrieve information from scientific literature via unsupervised learning. This has remarkable implications. So far, most of the existing automated NLP-based methods are supervised, requiring input from humans. Despite being an improvement compared to a purely manual approach, this is still a labour intensive job. However, in the new study, the researchers created a system that…

InfoSec News Nuggets 9/6/2019

A Chinese APT is now going after Pulse Secure and Fortinet VPN servers
A group of Chinese state-sponsored hackers is targeting enterprise VPN servers from Fortinet and Pulse Secure after details about security flaws in both products became public knowledge last month. The attacks are being carried out by a group known as APT5 (also known as Manganese), ZDNet has learned from sources familiar with the attacks. According to a FireEye report, APT5 has been…

InfoSec News Nuggets 8/29/2019

1 - A new IOT botnet is infecting Android-based set-top boxes
A new IoT botnet named Ares is infecting Android-based devices that have left a debug port exposed on the Internet. Among this botnet's most common victims are Android set-top boxes manufactured by HiSilicon, Cubetek, and QezyMedia, cyber-security firm WootCloud said today. The attacks aren't using a vulnerability in the Android operating systems, but are exploiting a configuration service that has been left enabled and unprotected…