Members of British Parliament Targeted by Phishing Attack
Dozens of MPs from the UK were recently subjected to malicious spam and unauthorized solicitations via their mobile devices. Fortunately, as this wasn’t the first phishing attempt on MPs, many were quick to delete any unusual messages and quickly warned others to do the same. Due to the ease of mounting such an attack, phishing campaigns can be extremely effective, especially when deploying social engineering tactics to increase the victim pool.
Major African Utility Company Breached
One of the largest energy providers on the African continent suffered a data breach this week, brought on by an employee downloading a game onto a corporate device. Along with introducing a fairly sophisticated banking Trojan onto the system, the employee also allowed for a database containing sensitive customer information to be made available to the attackers. Even more worrisome, the utility company was only made aware of the breach after an independent security researcher attempted to contact them about the stolen data via Twitter.
Cryptocurrency Exchange Collapses After CEO Death
A Canadian-based cryptocurrency exchange was recently faced with a major dilemma after the untimely death of their CEO and only person to have access to the offline coin storage wallet. With more than $100 million worth of cryptocurrency current tied up in the exchange, many customers quickly found themselves without access to their funds, possibly indefinitely. Having a single point of failure is a critical, and easily avoidable, issue for any digital company.
Fast Food POS Breach
A new breach has been discovered that could affect any customers who paid with a credit card at any Huddle House fast-food locations over the past two years. While the specific malware variant is still unknown, there were obvious signs of credential stealing and other information gathering tactics. Huddle House has since been working with law enforcement and credit companies to help potential victims with credit monitoring.
Google Play Removes Porn Apps
In another wave of cleaning up the Google Play store, the company recently removed 29 apps that were disguised as photo or camera apps but would instead steal user photos and display a steady stream of pornographic advertisements. The apps had all been downloaded between 100,000 and 1 million time each, and were often extremely difficult to remove, even hiding the app icon entirely. Additionally, some of the apps would display as a photo editor, encouraging users to upload any extra pictures that weren’t already stolen.