Hackers for hire target victims with cyber espionage campaign
2020-11-12 20:09

A new type of campaign that involves cyber espionage is the latest example of a cybercrime being perpetrated by people for hire. In its new report "The CostaRicto Campaign: Cyber-Espionage Outsourced," BlackBerry describes the actions of a malicious campaign carried out by freelance mercenaries.

S3 Ep6: How not to get scammed [Podcast]
2020-11-12 19:07

In this episode: when payments go astray, why "just in case" cybersecurity warnings do more harm than good, how to shop safely on Black Friday and beyond, and what to do when all your emails disappear. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher, Overcast and anywhere that good podcasts are found.

How and when to change your Google password
2020-11-12 18:43

If you've ever been tempted to change your Google account password, but weren't sure how, don't let that confusion stop you. How to change it? Oddly enough, the process for changing your Google account password isn't terribly intuitive.

Finland Fast-Tracks ID Code Law Change After Hacking Case
2020-11-12 18:37

The government of Finland said Thursday it was preparing legislation that would allow citizens to change their personal identity codes in cases of gross data breaches that carry a high risk of identity theft. The government's fast-tracked proposal was designed primarily to assist thousands of people whose personal information was stolen during a hacking of patient records at a private Finnish psychotherapy center.

Digging into the Dark Web: How Security Researchers Learn to Think Like the Bad Guys
2020-11-12 18:12

The Dark Web/Darknet continues to be an environment for bad actors to share stolen credentials and discuss successful attacks. Just as there's a lot of bad on the Dark Web, there is also good - mostly in the form of intel that can be used to help protect organizations from attacks.

Kids' gaming website Animal Jam breached after miscreants spot private AWS key on pwned Slack channel
2020-11-12 17:28

Child-friendly games website Animal Jam suffered a hack that exposed 46 million user records after a staff Slack channel was compromised by malicious people who discovered a private AWS key. Animal Jam chief exec Clary Stacey confirmed the hack after Bleeping Computer spotted information from the compromised AWS server being posted on stolen data bazaar raidforums[.

The North Face resets passwords after credential stuffing attack
2020-11-12 17:18

Outdoor retail giant The North Face has reset the passwords of an undisclosed number of customers following a successful credential stuffing attack that took place last month, on October 9th. Credential stuffing is a type of attack where threat actors make use of large collections of username/password combinations that were leaked in previous security breaches to gain access to user accounts on other online platforms. After noticing suspicious activity involving the thenorthface.com website and detecting the attack, the company immediately implemented security measures to limit the account login rate from sources that are suspicious or show a suspicious pattern.

Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks
2020-11-12 16:52

Two security vulnerabilities in Schneider Electric's programmable logic controllers could allow attackers to compromise a PLC and move on to more sophisticated critical infrastructure attacks. There are two types of application protection available: read protection protects the controller's application from being read by any unauthorized personnel at the engineering workstation, and write protection protects the controller's application from unauthorized changes.

Luxottica data breach exposes 820K EyeMed, LensCrafters patients
2020-11-12 16:09

This post was originally published on November 7th. A Luxottica data breach has exposed the personal and protected health information of 829,454 patients at LensCrafters, Target Optical, EyeMed, and other eye care practices. In a "Security Incident" notification issued this week, Luxottica disclosed that their appointment scheduling application suffered a data breach after being hacked on August 5th, 2020.

The Term "Threat Intelligence" is Poisoned. It Does Not Mean What You Think it Means.
2020-11-12 15:58

People have preconceived notions of what threat intelligence is, so they make assumptions in conversations and those assumptions are rarely thought about, much less discussed. The assumption and filter is that threat intelligence equals external threat data.