Page 5 - Threat Intelligence 8-7-2019
P. 5

Security News
















             The Risk of Weak Online Banking Passwords - If you bank online and choose weak or re-used
             passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your
             bank offers multi-factor authentication as part of its login process. Crooks are constantly probing
             bank Web sites for customer accounts protected by weak or recycled passwords. Most often, the
             attacker will use lists of email addresses and passwords stolen en masse from hacked sites and then
             try those same credentials to see if they permit online access to accounts at a range of banks.
                    Source: https://krebsonsecurity.com/2019/08/the-risk-of-weak-online-banking-passwords/



             GitHub sued for aiding hacking in Capital One breach - Capital One and GitHub have been sued this
             week as part of a class-action lawsuit filed in California on allegations of failing to secure or prevent
             a security breach during which the personal details of more than 106 million users were stolen by a
             hacker. While Capital One is named in the lawsuit because it was its data that the hacker stole,
             GitHub was also included because the hacker posted details about the hack on the code-sharing site.
             The lawsuit claims that "decisions by GitHub's management [...] allowed the hacked data to be
             posted, displayed, used, and/or otherwise available." According to the lawsuit, details about the
             Capital One hack were available from April 21, 2019, to mid-July before they were taken down.
             "GitHub knew or should have known that obviously hacked data had been posted to GitHub.com,"
             the lawsuit claims..
                    Source: https://www.zdnet.com/article/github-sued-for-aiding-hacking-in-capital-one-
                    breach/



             3 out of 4 phishing scams get to your inbox untouched - How many times a day does your email
             inbox enjoy a phishing scam? A lot, according to a new UK study. Professor Steven Furnell offered a
             dim view of email providers, stating "The poor performance of most providers implies they either do
             not employ filtering based on language content or that it is inadequate to protect users. Given users'
             tendency to perform poorly at identifying malicious messages, this is a worrying outcome."

                     Source: https://www.zdnet.com/article/3-out-of-4-phishing-scams-get-to-your-inbox-
             untouched/



















                                                    www.accumepartners.com                                            5
   1   2   3   4   5   6   7   8   9   10