91% of Critical Incidents Involve Known, Legitimate Binaries Like PowerShell According to New Threat Report

91% of Critical Endpoint Security Events Leverage PowerShell to Cloak Detection When Targeting Midsized Businesses – eSentire Notes MSPs, Trusted Cloud Platforms, and Consumer-Grade Routers Also Pose Problems

CAMBRIDGE, ONTARIO – June 27, 2018 – Opportunistic threat actors are leveraging trusted tools, like PowerShell, to retrieve and execute malicious code from remote sources. According to a new cyber threat report from eSentire, Inc., the largest pure-play Managed Detection and Response (MDR) provider, 91% of endpoint incidents detected in Q1 2018 involved known, legitimate binaries, such as PowerShell or mshta.exe. These processes are used by opportunistic and targeted threats alike, allowing them to circumvent basic controls to deliver and install malware.

http://brn.firetrench.com

Continue reading

Exactis leaked personal information database with 340 million records

It was reported yesterday that earlier this month, Exactis, a data broker based in Florida, had exposed a database containing nearly 340 million individual records on a publicly accessible server. The nearly 2 terabytes of data appears to include the personal information of hundreds of millions of American adults and millions of businesses. The leak doesn’t appear to contain any credit card information or social security numbers. It does however go into some detail for each individual listed, including phone numbers, home and email addresses, and other personal characteristics.

http://brn.firetrench.com

Continue reading

Hundreds of Hotels Hit in FastBooking Breach

It was reported yesterday that FastBooking, a Paris-based provider of hotel-booking software, is alerting client hotels to a data breach in which an attacker lifted personal information and credit card data from guests of hundreds of properties. The breach took place on June 14, says FastBooking, which states it works with 4,000 partner hotels in 100 countries.

http://brn.firetrench.com

Continue reading

Swann home security camera sends video to wrong user

The BBC is reporting that a leading security camera maker has sent footage from inside a family’s home to the wrong person’s app. Swann Security has blamed a factory error for the data breach – which was brought to its attention by the BBC – and said it was a “one-off” incident. However, last month another customer reported a similar problem saying his version of the same app had received footage from a pub’s CCTV system.

http://brn.firetrench.com

Continue reading