This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On May 31, 2019

Tuesday 5/28

In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc

Since that leak, rogue actors have used EternalBlue to spread malware that has paralyzed hospitals, airports, rail and shipping operators, A.T.M.s and factories that produce critical vaccines. Now the tool is hitting the United States where it is most vulnerable, in local governments with aging digital infrastructure and fewer resources to defend themselves.

Title insurer exposes millions of mortgage records in data breach

First American Financial Corp. “kept the digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images” on an open server “available without authentication to anyone with a Web browser.”

Security researcher spots a macOS malware vulnerability that’s not yet patched

Watch out for this potential vulnerability if you're opening up apps on a Mac: a security researcher has worked out a way that malware makers can bypass the macOS Gatekeeper protections to run malicious code. The key is in the way macOS handles network shares and treats them as safe: the system could be tricked into opening a zip file archive that contains malicious code.

Wednesday 5/29

FireEye Buys Startup Verodin For $250M To Find Security Gaps

The purchase of Verodin will make it easier for FireEye customers to reliably and consistently quantify cyber risk in a way that's understandable to both frontline technicians as well as the board room, said FireEye CEO Kevin Mandia.

Thursday 5/30

Malware and botnets: Why Emotet is dominating the malicious threat landscape in 2019

Such is the power of Emotet that analysis by security company Proofpoint has found that the malware accounted for almost all of the botnet payloads delivered by email between January and March 2019 – and botnets accounted for 61% of all malicious payloads sent in phishing messages during that period.

Flipboard reveals data breach, which left users’ details exposed

The news aggregation app announced in a post that it had identified unauthorized access of some of its internal systems, which contained some Flipboard users' account information and credentials. For more than nine months, the unauthorized person had access to Flipboard's systems, potentially able to obtain copies of databases which hosted users' information.

Friday 5/31

McAfee Collaborates with Amazon Web Services to Bring Enhanced Database Security to the Cloud

McAfee today announced McAfee® Database Security for Amazon Relational Database Service (Amazon RDS), strengthening the company’s relationship with Amazon Web Services (AWS) and shared commitment to offer cloud-based security solutions. This new product delivers real-time visibility into virtually all database activity, including local privileged user access and offers the ability to monitor and thwart sophisticated attacks from within the database.

It’s the middle of the night. Do you know who your iPhone is talking to?

App trackers are like the cookies on websites that slow load times, waste battery life and cause creepy ads to follow you around the Internet. Except in apps, there’s little notice trackers are lurking and you can’t choose a different browser to block them.

Cybersecurity: The number of files exposed on misconfigured servers, storage and cloud services has risen to 2.3 billion

Over 2.3 billion files -- including sensitive data like payroll information, credit card details, medical data and patents for intellectual property -- are exposed publicly online, putting both people and organisations at risk of data theft, cybercrime, espionage and other malicious activities.