Exactis, a data broker in Florida, publicly exposed 340 million records and 2 TB of PII to the world. A security researcher using Shodan was able to find the information on an exposed Elasticsearch server.
Reported by Wired
Thanks to a new cybersecurity merit badge, Girl Scouts have been learning to hack and pick locks. The new badge is part of a continued effort to get girls involved in STEM early.
Reported by Popular Mechanics
A free decrypter for the Thanatos ransomware has been released. The Cisco Talos team discovered that the seed for the encryption keys is the number of milliseconds since the last reboot, and was able to create a method to brute-force this value.
Reported by HackerNews
Reality Winner, who leaked government documents to the newspaper The Intercept, was tracked through microdots on her leaked documents. Microdots are relatively common and are printed on pages to help trace them back to the originating printer. In unrelated yet timely news, a new team of researchers has released a technique to obfuscate microdots while printing.
Reported by Graham Cluley
WPA3 Wi-Fi has been released, making brute-forcing of passwords on devices more difficult. While it will be required on all new devices, vendors will need to install updates on older routers.
Reported by CNET
A South Korean faces jail time for making $180,000 by creating and selling an Overwatch hack. In 2016, South Korea created a law that criminalized various cheats in games, but these fines are much harsher than others issued.
Reported by PCGamer
Despite the growing number of laws, it is still difficult to determine what constitutes a breach and how to report one. Although stricter laws are coming into place, experts are debating whether they will just force companies to recharacterize what occurred.
Reported by Government Technology
In the book “The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age,” author David Sanger claims that Mandiant attributed attacks on Fortune 500 companies to the criminals by breaking into the criminals' computers and using their webcams to observe them breaking into organizations. FireEye has issued a public statement that the book is a “serious mischaracterization of our investigative efforts.”
Reported by Cyber Snoop
Matt Dietrich stated that Illinois became the cybersecurity “poster child” after 76,000 voter records were breached in 2016. Election officials recently announced that almost $14 million will be spent on new defenses to prevent it from happening again.
Reported by the State Journal Register
There has been some debate over whether the iPhone is susceptible to a brute-force attack similar to the recently patched Lightning cable attack. The newest attack is similar but much slower. Additionally, Apple has already released a statement that what appears on the phone is not what is happening in the backend, and that the attack does not accomplish what is claimed.
Reported by Gizmodo