Week 09

Believe it or not, but any computer connected to the Internet is vulnerable to cyber attacks.

With more money at risk and data breaches at a rise, more certified cybersecurity experts and professionals are needed by every corporate and organisation to prevent themselves from hackers and cyber thieves.

That’s why jobs in the cybersecurity field have gone up 80% over the past three years than any other IT-related job. So, this is the right time for you to consider a new career as a cybersecurity professional.

Cybersecurity experts with industry-standard certification are coming from a wide range of backgrounds, who prepare themselves to protect computer systems and networks from viruses and hackers.

https://thehackernews.com/2017/06/cyber-security-certification-training.html

Uber has agreed to an updated settlement with the Federal Trade Commission (FTC). The organization was charged last year for deceiving customers with its privacy and data security practices. The new settlement considers Uber’s massive 2016 data breach. In the original settlement, the FTC reported that Uber failed to live up to its claims that it closely monitored employees’ access to rider and driver data. Additionally, it failed to live up to that it implemented measures to secure personal data on the third-party cloud servers. After the original settlement, FTC learned that Uber failed to disclose a breach of user data. As a result, FTC updated its complaint to note that Uber knew about the breach and paid the attackers $100,000 through a “bug bounty program” to keep things quiet. In the new agreement, Uber is required to disclose future incidents involving consumer data and all reports from required third-party audits of its privacy program.

https://www.darkreading.com/attacks-breaches/uber-agrees-to-new-ftc-settlement-over-2016-breach-disclosure/d/d-id/1331525

“Finland’s 3rd Largest Data Breach Exposes 130,000 Users’ Plaintext Passwords”

Finland’s citizens had their credentials compromised in a large data breach. Hackers attacked a new Business Center in Helsinki, a company that provides business consulting and planning and stole over 130,000 user’s credentials which were stored website database in plain-text without using any cryptographic hash.

Take-away: As part of their Incident Response plan, they reported the incidence to Helsinki Police authorities and publicly responded with their comments and steps taken towards investigating this data breach.

Ref. Link:
https://thehackernews.com/2018/04/helsingin-uusyrityskeskus-hack.html

 

https://www.cnbc.com/2018/03/15/pentagon-confirms-hack-attempt-against-defense-department-credit-card-holders.html

There is a confirmation from Pentagon that there was a hacking attempt against an online financial services portal of Defense Department which is managed by Citigroup. Citi provides consumers, corporations, governments and institutions with broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services and wealth management.

The hack was made to access several Citi credit card accounts of the Department of Defense and it also stated that there was a large no. of attempts that almost crossed 1 Million attempts. The confirmation came after a day when Citigroup told to a news channel that a “malicious actor” attempted to gain access to information for Pentagon-linked credit card accounts. The bank also responded to the channel’s company saying that the attack came from a computer that was randomly guessing cardholder account credentials and also the bank told that “No data compromise occurred”.