Publication of a massive cache of user credentials – relating to 773 million email addresses – was hailed as one of the largest data breaches in history, creating new challenges for corporate and consumer security.
The risk from poor Internet of Things (IoT) security is compounding as attackers use AI to design and execute increasingly ferocious ‘swarmbot’ attacks that are learning to operate autonomously inside a target network.
Around half of companies have no way to even know whether their IoT devices have been compromised, according to new research that also found respondents expect governments to take initiative for mandating IoT security standards.
Speaking of government involvement, more than 130 US government websites are now missing current digital certificates for verifying their identity, as the unintended repercussions from the ongoing government shutdown continue to bite.
The Rocke coin miner was found to be disabling several cloud-security tools, while researchers reported Android banking Trojan apps that use the device’s motion sensor to hide themselves when the device is stationary – and, therefore, might be scanned by an antivirus tool.
US authorities charged hackers for illegally accessing private earnings reports that helped them make millions in a dodgy investment scheme.
Finally, a fix was released to address a new zero-day Windows exploit that could allowed attackers to take full control of compromised systems.