This Week in Security News: Security and Privacy Issues

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, understand how Trend Micro™ Deep Security™ service will be integrating with AWS Security Hub. Also, learn how to prevent risks and secure machine-to-machine communications over Message Queuing Telemetry Transport and Constrained Application Protocol.

Read on:

AWS Security Hub and Deep Security

AWS Security Hub provides a comprehensive view of your high priority security alerts and compliance status for your AWS deployment.  

Marriott Says Breach of Starwood Guest Database Compromised Info of Up to 500 Million

Marriott International announced that the private information of up to 500 million guests may have been accessed as part of a breach of its Starwood guest reservation database.

Machine-to-Machine (M2M) Technology Design Issues and Implementation Vulnerabilities

Trend Micro found hundreds of thousands of misconfigured hosts that exposed credentials, sensitive information, and industry-related process data. 

Cyber crooks increasingly targeting home devices: report

Cyber criminals are shifting their attention from traditional computers to internet-connected devices in Canadian homes, says the government’s cyber security agency.

Quora Discloses Mega Breach Impacting 100 Million Users

Quora, one of the largest question-and-answer portals on the Internet, announced that hackers gained access to its servers and stole information on about 100 million of its users, which is approximately half of the site’s total userbase. 

Hacker Infects Node.js Package to Steal from Bitcoin Wallets

A Node.js module with nearly two million downloads a week was compromised after the library was injected with malicious code programmed to steal bitcoins in wallet apps. 

MQTT and CoAP: Security and Privacy Issues in IoT and IIoT Communication Protocols

Trend Micro looked into MQTT brokers and CoAP servers around the world to assess IoT protocol security and ways to prevent risks and secure machine-to-machine (M2M) communications over MQTT and CoAP. 

Exclusive: Emails of Top NRCC Officials Stolen in Major 2018 Hack

The House GOP campaign arm suffered a major hack during the 2018 midterm campaigns, exposing thousands of sensitive emails to an outside intruder, according to three senior party officials. 

Smart Cities: Could These IoT Design Flaws Put The Lights Out?

Trend Micro discovered that two popular IoT protocols are insecure by design, putting both ‘Industry 4.0’ smart factory implementations and smart cities at risk.

Spam Campaign with .PUB Attachment Delivers RAT, Targets Food and Retail Brands

The cybercriminals behind this spam campaign may be taking advantage of using .PUB files as the macro-downloader during the busiest quarter of the year for businesses according to Trend Micro.

Were you excited about AWS’s Security Hub announcement? Why or why not? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.