Breaching News: Week of 10/19/2018

By Jen Trang Nguyen, MDS

Welcome to our series of blog posts dedicated to Cybersecurity Awareness Month! This month, we will update you with the latest security news, share some tips and tricks as well as a special announcement about our very own Cybersecurity Techxpo on October 23, 2018 here in NYC. Stay tuned!

This week, alongside with news about political hackings and breaches, we are exploring IoT vulnerabilities and some cybersecurity training and practice tips.


1. US voter records from voter databases of 19 states sold on Dark Web for $42,200

Hackers have been, and are selling citizens’ data on the dark web. This incident is particularly critical, given how close the midterm elections are. 

2. Overboard: How Tea Party Campaign Assets Were Exposed Online

The Tea Party Patriots Citizens Fund (TPPCF)’s call lists containing full names and phone numbers for over 527,000 individuals were publicly exposed in a misconfigured Amazon S3 bucket.

3. Tumblr fixes a security flaw that exposed account info

Remember Tumblr, everyone’s favorite blogging platform circa 2010? It had a bug that could allow you to obtain other people’s sensitive account information. 

4. Pokemon Go cheaters might inadvertently learn GPS spoofing 

Users who utilize Pokemon Go for fun, exercising, or socializing might have learned GPS spoofing as well. Who says gaming brings no advantages?

5. Smart speakers at work? BlackBerry security expert warns on risk

Alexa, play “Stayin’ Alive” by the Bee Gees. The smart speakers, along with other IoTs, pose security risks in the workplace.

6. Hackers Target IoT-Enabled Appliances To Spark Blackouts

Hackers can use appliances that are connected via the Internet of Things (IoT) to set off widespread blackouts, according to a study by Princeton University. Yes, they can spoof your refrigerator, washing machines, and probably your Alexa-enabled smart microwave in the future.

7. Learn lessons from attacks, says McAfee investigations chief

Organizations should treat every cyber attack as an opportunity to learn, as they can identify their infrastructure weaknesses and improve their security measures.

8. Where there is risk, there are rewards: educating for careers in cybersecurity

The cybersecurity skills gap can be closed by attracting new talent to the industry, says Marie Hattar of Keysight Technologies.



That’s it for this week’s breaching news. Stay tuned for next week!

Don’t wait until sensitive data is already in the sticky hands of hackers to react to a breach. Stay proactive with MDS and work with us to build out a custom, company-wide security protocol that is effective and easy to maintain.

Pulling the plug doesn't have to be your only security solution.

Don’t become part of a rising statistic — ensure your company is armed against a security hack.