Bitglass Security Spotlight: Veeam, Mongo Lock, Password Theft, Atlas Quantum & the 2020 Census
Blog Article Published: 10/31/2018
By Jacob Serpa, Product Manager, Bitglass
Here are the top cybersecurity headlines of recent weeks:
—440 million email addresses exposed by Veeam
—Unprotected MongoDB databases being targeted
—42 million emails, passwords, and more leaked
—Cold-boot attacks steal passwords and encryption keys
—2 billion devices still vulnerable to Bluetooth attack
—Atlas Quantum, cryptocurrency platform, breached
—Security concerns around the 2020 census
—Air Canada's mobile app breached
—WellCare breach exposes data of 20k children
Data management company Veeam has ironically mismanaged hundreds of millions of users' data. A public-facing database exposed 440 million users' email addresses, names, and, in some circumstances, IP addresses. While this leak may seem innocuous, names and email addresses are all that is needed to conduct targeted spear phishing attacks.
The rise of the Mongo Lock attack is seeing improperly secured, poorly configured Mongo DB databases being targeted in a ransomware-like fashion. In these attacks, hackers scan for publicly accessible databases, remove their contents, and demand a Bitcoin ransom in exchange for having data returned.
A public hosting service that allows individuals to upload files for free was recently found to contain a massive amount of personal data. Over 42 million email addresses and passwords, as well as partial credit card numbers, were found within the platform. As noted in the Veeam section, hackers can easily use this type of data to conduct targeted spear phishing campaigns and steal more sensitive information.
A new cold-boot attack can take information in under two minutes from unsuspecting victims. The attack, which is further detailed at the above link, involves stealing information from RAM, or random access memory. Through this tactic, passwords and even encryption keys can be stolen. Fortunately, hackers need physical access to a computer to execute this kind of technique. Rather than allowing a system to sleep, forcing it to hibernate or shut down is a helpful defense.
One year ago, BlueBorne, a collection of vulnerabilities in devices that leverage Bluetooth, was revealed. Unfortunately, despite the fact that an entire year has gone by, 2 billion devices remain exposed. This is due to systems that have not been patched, systems that cannot be patched, and more.
Well-known cryptocurrency platform Atlas Quantum was recently found to have been breached. 261,000 of the company's users had their names, account balances, email addresses, and phone numbers exposed. While the company initially declined to disclose the circumstances surrounding the breach, it did state that users' cryptocurrencies were safe – it was merely information that was stolen.
In the US, the Government Accountability Office has concerns about the cybersecurity of the Census Bureau. The bureau is reported to have thousands of security vulnerabilities – dozens of which are identified as highly risky and dangerous. Naturally, as conducting a census involves collecting data from countless citizens, these security gaps must be filled before the next census in 2020.
Late last month, Air Canada's mobile app was found to have been breached. While it was only 1% of the application's 1.7 million users that were affected, it was still 20,000 individuals who had their names, phone numbers, passport numbers, and dates of birth exposed.
In WellCare Health Plans' recent breach, 20,000 children had their PHI (protected health information) exposed. The information's security was compromised when WellCare accidentally mailed letters to the wrong addresses. Exposed data included children's names, ages, and healthcare providers.
Learn about cloud access security brokers (CASBs) and how they can defend against the rising tide of data breaches.
Trending This Week
#1 What You Need to Know About the Diaxin Team Ransomware Group
#2 How ChatGPT Can Be Used in Cybersecurity
#3 Mitigating Security Risks in Retrieval Augmented Generation (RAG) LLM Applications
#4 The 6 Phases of Data Security
#5 Roadmap to Earning Your Certificate in Cloud Security Knowledge (CCSK)
Sign up to receive CSA's latest blogs
This list receives 1-2 emails a month.