A new episode of the SurfWatch Cyber Risk Roundup has been posted, Episode 72: Massive Myspace Hack, Cryptoworm Warnings and Breach Lawsuits Continue:
This week saw more news about password breaches as 427 million Myspace passwords and 65 million Tumblr passwords were put up for sale on the dark web. Scrum.org announced a potential data breach stemming from a vulnerability in third-party email server software. TeamViewer faced a DDoS attack and what the company claims are false accusations that it suffered a data breach. Australia’s NSW Trainlink halted its online reservation system due to a compromise. Pakistan’s Zameen real estate was hacked and had its entire database allegedly posted online. Trending advisories include warnings of a potential cryptoworm known as ZCrypt, the dormant FrameworkPOS campaign resurfacing, and Kovter malware targeting Fortune 500 companies by escalating from low-level adware to more advanced threats. The FBI also warned of data breach victims being extorted, and there was a vulnerability discovered in the popular WordPress Jetpack plugin. Legal stories include developments in the Anthem, CareFirst and Kroger breach lawsuits as well as warnings from the UK’s IOC and the largest ever arrest of Russian hackers. Finally, one apartment complex found a controversial new way to get Facebook likes.
Listen to the podcast via the player below, or learn more about SurfWatch Labs’ podcasts on our podcast page.