Week of May 19, 2017


Week of May 19, 2017

DocuSign Users Sent Phishing Emails After Data Breach*:

  • Electronic signature service provider DocuSign has admitted customer email addresses were accessed in a data breach.
  • The addresses were then targeted in a series of phishing emails from “a malicious third party”.
  • The messages invited recipients to click on a link to a Microsoft Word document containing malware.
  • DocuSign says that no other information was accessed in the incident, and the e-signature service remained secure.
  • The company has advised people to delete any suspicious messages immediately.
  • A malicious third party gained temporary access to a separate, non-core system that allows DocuSign to communicate service-related announcements to users via email.
  • The emails included the DocuSign branding and appeared to come from addresses ending in “”.
  • The malware contained in the attachment could be used to steal passwords and banking credentials.

*Source: BBC, May 17, 2017


Zomato Breach Exposes 17 Million Users*:

  • Some 17 million users are said to have been affected after restaurant search platform Zomato was breached.
  • The firm’s chief technologist said the stolen information included user IDs, names, usernames, email addresses and password hashes with salt, but no financial information was compromised.
  • All passwords were immediately reset and users locked out of their accounts and forced to log back in following the incident.
  • The company managed to make contact with the hacker who breached the site and the hacker has agreed to destroy all copies of the stolen data if Zomato introduces a bug bounty program to find security vulnerabilities.
  • Zomato is urging its 6.6 million users with exposed passwords to change them on other services they may have also used them to access.

*Source: InfoSecurity Magazine, May 19, 2017


United Flight Attendant Reportedly Posted Cockpit Access Codes Online*:

  • A United Airlines employee posted security codes online that are used to access the cockpit, possibly compromising security.
  • Access codes are a security measure airlines use to request access to the cockpit.
  • The flight attendant who posted the information did so by accident according to reports.
  • United said it used multiple methods, including access codes, to ensure security.
  • The company said in a statement that, “We have learned that some cockpit door access information may have been made public.”
  • The company also noted that other security measures and protocol ensure that their cockpits remain safe.

*Source: Business Insider, May 15, 2017


Singapore University Breaches Reveal Wider Attack Surface to Safeguard*:

  • Two Singapore universities suffered APT (advanced persistent threat) attacks last month, with the hackers specifically targeting government and research data.
  • The universities notified Cyber Security Agency of Singapore (CSA), the government agency tasked with overseeing the country's cybersecurity operations, which helped both institutions conduct forensic investigations into the attacks.
  • CSA determined that the breaches were the result of APT attacks and were carefully planned.
  • Critical IT systems, such as student admissions and databases containing examination documents, were not affected, and CSA said “the objective may be to steal information related to government or research.”
  • The agency said it was helping the universities with incident responses and measures to further mitigate any potential impact.
  • An executive at CSA said the agency knows who did it and what they were after; they also said no classified data was stolen.
  • In its bid to contain potential data leaks, the Singapore government last June said it was restricting internet access on all computers used by civil servants.
  • The Singapore government had been actively involved in various data research efforts as well as increased its collaboration with industry players.
  • Its efforts to digitally transform the nation and prep its citizens for a digital economy are commendable and should be encouraged, but it also unravels a significantly wider attack surface on which malicious hackers can target.
  • Reducing the mean time to detect and respond must be the key objective for any cybersecurity infrastructure today.

*Source: ZD Net, May 14, 2017


The Massive, Worldwide Ransomware Attack was Stopped by a Researcher ‘Accidentally’*:

  • Organizations across the globe, including hospitals, telecom firms and automakers in Europe, were dealing with a massive cyber-attack that locked people out of their computers.
  • The ransomware demanded money in exchange for unlocking the computer systems, and thus giving people access to their data.
  • A young British security researcher stopped the attack – by accident.
  • The researcher saw that the ransomware system was routinely pinging an unclaimed web domain, and he claimed that domain in hopes of studying the ransomware’s activity.
  • In claiming the domain, he unknowingly killed the entire attack; the malware apparently only worked so long as the domain was unclaimed.
  • All of this was also possible because of a flaw in an old version of Microsoft Windows; the company released an update for the software following the attack.

*Source: Recode, May 13, 2017


Protect Yourself from the Latest Database Breach*:

  • A massive database of stolen passwords has surfaced online and while this database is composed largely of passwords from a variety of sources, many of them years old, its newfound accessibility is cause for concern.
  • Although "online safety" feels increasingly like an oxymoron these days, there are still steps you can take to protect yourself when breaches like this occur.
  • The most secure password in the world is useless if a hacker steals it, but it becomes much less useful if it's not the same password you use for every single log-in.
  • It’s essential that you employ a different password everywhere you conduct online affairs, and the only effective way to do that is with a password manager.
  • Short of a fingerprint reader, two-step verification (aka two-step authorization) may be the single best way to protect online accounts.
  • It is also a good idea to take the time to delete old, unused accounts so that a hacker can’t access personal information that might still be stored there.

*Source: CNET, May 16, 2017


Get in Touch With Us!

Are you interested in receiving more information about our products? Do you have questions about sensitive data security? Would you like a demo? Complete the details below and one of our specialists will get in touch with you.

We love to help our customers solve their data security problems. Please tell us about what you are trying to accomplish, details about your environment, and any other information that will help us understand your needs better.

scroll top