Saturday Security Spotlight: Malware, AWS, and US Defense

By Jacob Serpa, Product Marketing Manager, Bitglass

Here are the top cybersecurity stories of recent weeks:

—AndroRAT malware spies on Android users
—Smart TVs easily hackable
—BuckHacker tool finds unsecured data in AWS buckets
—Octoly breach exposes social media stars’ personal data
—Russian hackers target US defense contractors

AndroRAT malware spies on Android users
A new type of malware targeting Android devicesgives hackers extensive control over users’ phones. The threat allows malicious parties to use devices’ microphones (to record audio), cameras (to take pictures) and files (to steal information). This is obviously a large privacy concern for Android users around the world.

Smart TVs easily hackable
As new types of devices connect to the internet, nefarious individuals have more targets to attack. In particular, Samsung and Roku televisions were recently deemed to have multiple vulnerabilities. Hackers can target certain security gaps to control volume, channel, and more. This raises additional privacy concerns around consumers being monitored within their homes.

BuckHacker tool finds unsecured data in AWS buckets
Whitehat hackers recently created a tool that uncovers publicly available information resting within AWS buckets. While the tool is designed to help organizations uncover their misconfigurations within AWS, it also highlights the growing ease with which malicious hackers can steal unsecured data in the cloud.

Octoly breach exposes social media stars’ personal data
Brand marketing company Octoly was recently the victim of a breach, leaking the personal information of over 12,000 social media celebrities through, once again, an unsecured AWS S3 bucket. Data was exposed in the cloud for about a month before the vulnerability was noticed.

Russian hackers target US defense contractors
Hackers belonging to the Russian Fancy Bears group have been targeting US defense contractors. In an attempt to steal information about secret military technology and projects, they have been using targeted phishing emails. This can obviously have extensive ramifications for the country’s national security.

In order to address leaks, hacks, and malware, organizations must utilize next-gen security solutions. To learn about cloud access security brokers, download the Definitive Guide to CASBs.

Leave a Reply

The name and email fields are solely used to comment on posts. Cloud Security Alliance does no further processing of this data. See Section 3 of the CSA Privacy Policy for details.

Share this content on your favorite Social Network.