Saturday Security Spotlight: Malware, AWS, and US Defense

    This post was originally published here by  Jacob Serpa.

    Here are the top cybersecurity stories of recent weeks:

    • AndroRAT malware spies on Android users
    • Smart TVs easily hackable
    • BuckHacker tool finds unsecured data in AWS buckets
    • Octoly breach exposes social media stars’ personal data
    • Russian hackers target US defense contractors

    AndroRAT malware spies on Android users

    A new type of malware targeting Android devices gives hackers extensive control over users’ phones. The threat allows malicious parties to use devices’ microphones (to record audio), cameras (to take pictures) and files (to steal information). This is obviously a large privacy concern for Android users around the world.

    Smart TVs easily hackable

    As new types of devices connect to the internet, nefarious individuals have more targets to attack. In particular, Samsung and Roku televisions were recently deemed to have multiple vulnerabilities. Hackers can target certain security gaps to control volume, channel, and more. This raises additional privacy concerns around consumers being monitored within their homes.

    BuckHacker tool finds unsecured data in AWS buckets

    Whitehat hackers recently created a tool that uncovers publicly available information resting within AWS buckets. While the tool is designed to help organizations uncover their misconfigurations within AWS, it also highlights the growing ease with which malicious hackers can steal unsecured data in the cloud. 

    Octoly breach exposes social media stars’ personal data

    Brand marketing company Octoly was recently the victim of a breach, leaking the personal information of over 12,000 social media celebrities through, once again, an unsecured AWS S3 bucket. Data was exposed in the cloud for about a month before the vulnerability was noticed. 

    Russian hackers target US defense contractors

    Hackers belonging to the Russian Fancy Bears group have been targeting US defense contractors. In an attempt to steal information about secret military technology and projects, they have been using targeted phishing emails. This can obviously have extensive ramifications for the country’s national security.

    In order to address leaks, hacks, and malware, organizations must utilize next-gen security solutions. To learn about cloud access security brokers, download the Definitive Guide to CASBs.

    Photo:BlogVault

    Ad

    No posts to display