As we regretfully welcome the unofficial end of summer and bring the month of August to a close, Apple is also making some changes. In February, Apple made some critical updates to vulnerabilities that were discovered by security researcher Ian Beer of Google’s Project Zero after “Several months of careful analysis of almost every byte of every one of the exploit chains.”
From vulnerability disclosures to data breaches, ransomware threats, and hacker indictments, there’s been a lot going on across all sectors this week. Here’s a brief overview of some of last week’s top headlines.
Aug. 30. In a quest to grasp exactly how much the public knows about phishing attacks, Ruth Bashinsky, Cybercrime Magazine’s senior editor, polled consumers at one of the largest shopping malls in New York and found that nearly half of the 100 people interviewed were correctly able to explain a phishing scam.
Aug. 29. An attempt to use technology to boost student attendance in Sweden’s schools went sour after the Swedish Data Protection Authority (DPA) charged a school with a fine of 200,000 SKr (approximately $20,000) for testing facial recognition on its students without consent.
Aug. 29. Students around the world are returning to school, which has raised concerns around privacy and cybersecurity. Given that municipalities have been the victim of high profile ransomware attacks this year, industry leaders are trying to help the K12 sector be better prepared to detect and respond to threats from hackers.
Aug. 29. To address the skills shortage, officials in Louisiana announced the development of a cybersecurity training and operations center in Baton Rouge, a $1.5 million investment. The training center will comprise 11,000 square feet inside the Louisiana Cyber Coordination Center. Leased by the Louisiana National Guard, the center will be a training center for reservists.
Aug. 28. Cisco announced another acquisition, this time acquiring CloudCherry, which is reportedly the company’s fifth deal on record for 2019.
Aug. 28. The Magecart hacking group continues to collect e-commerce victims. This week more than 80 e-merchants across the US, Canada, Europe, Latin America and Asia were hit with a Magecart card-skimming attack. The news came only days after Jscrambler’s CTO had published tips to stop Magecart.
Aug. 28. The hacker believed to be responsible for the massive data breach at Capital One was indicted by a federal grand jury. The 33-year old suspect, Paige A. Thomspon was a former software engineer and is charged with two counts of unauthorized intrusion into the stored data of over 30 organizations.
Aug. 27. While McAfee is preparing to go public and is reportedly pursuing an initial public offering this year, the cybersecurity firm Imperva disclosed a data breach in which, “email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users,” were compromised KrebsonSecurity reported.
Aug. 26. Because ransomware attacks have become some prevalent, with small to mid-sized organizations being the primary targets, the National Guard has been called upon to provide emergency cyber-services in the same way they would respond to natural disasters.
Aug. 25. A new report reveals that phishing attacks are most commonly deployed on Tuesdays, and Microsoft ranked number one in the top ten brands most often exploited by attackers.