At a glance.
- What was the T-Mobile hacker thinking?
- The EU warns against using browser histories in credit ratings.
- Flaw in IoT surveillance cameras.
- EskyFun data exposure.
- The FBI describes the Hive ransomware.
Alleged T-Mobile attacker comes forward.
A hacker has admitted to the massive data breach at T-Mobile, and his assessment of the mobile carrier's security is anything but positive. John Binns, an American living in Turkey, told the Wall Street Journal that he used a simple, publicly available tool to penetrate T-Mobile’s “terrible” defense mechanisms. He searched T-Mobile's websites for vulnerabilities and then discovered an unprotected T-Mobile router on which he found credentials that gave him access to one hundred of the company’s servers. Binns has not disclosed whether he was paid to perform the hack or whether he successfully sold the data, but he claims his motivation wasn’t monetary. He says his aim was to “make noise” to draw attention to his alleged abuse by the US government, including an alleged kidnapping that took him to a “wrong” mental hospital.
The EDPS does not recommend using internet history for credit checks.
The European Data Protection Supervisor (EDPS) has stated that an individual’s personal internet history should not be used to assess creditworthiness, reports The Record by Recorded Future. “[T]he EDPS considers that deriving consumer credit risk from data such as search query data or online browsing activity cannot be reconciled with the principles of purpose limitation, fairness and transparency and the relevance, appropriateness or proportionality of the data processing,” the agency states firmly. The EDPS also advised against using health data or other special categories of personal data under Article 9 of the General Data Protection Regulation, as this could lead to unfair treatment of consumers. The recommendation came in response to an International Monetary Fund blog post last year claiming that studying this type of data could lead to more accurate credit ratings.
Flaw detected in IoT security cameras.
Nozomi Networks Labs announced the discovery of a critical remote code execution vulnerability in the web service of the Annke N48PBB Network Video Recorder (NVR) that would allow an intruder to access or delete footage, reconfigure alarms, or even shut the system down completely. NVRs are a primary target for malicious actors seeking access to a company’s surveillance systems. After Annke was informed of the problem, it immediately released a firmware patch.
Data leak makes player data fair game.
vpnMentor describes the data breach at EskyFun, a China-based developer of Android role-playing and fantasy games. An unsecured server was discovered containing over 360 million records of sensitive user data, including IP addresses, IMEI numbers, device models, and event logs. The impact of the leak was compounded by EskyFun’s seemingly unnecessary tracking of player actions and its extremely wide permission settings. In the wrong hands, the data could be used to hijack player accounts, carry out brute force attacks, or even conduct corporate espionage against the developer.
We heard from Niamh Muldoon, Senior Director of Trust and Security at OneLogin, who basically regards such incidents as a cultural phenomenon:
“Organizations need to focus on their safety culture and set the tone at the top of the organization. Build high performing teams that incorporate the security voice and input into the design and architecture phases. Organizations should measure, monitor, and reward teams for implementing security requirements throughout their project development lifecycle, and recognize those who have a security mindset.”
The FBI warns of Hive ransomware attacks.
The US Federal Bureau of Investigation has issued a warning detailing the risks posed by Hive ransomware attacks, Bleeping Computer reports. The warning highlights why Hive's attack techniques, which include killing backup processes, deleting shadow copies, and using a hive.bat script that removes itself after deleting the Hive malware executable, make detection and defense extremely difficult. First observed in late June, Hive carried out attacks against over thirty organizations this summer alone.