This Week in Security News: Trend Micro’s Zero Day Initiative Celebrates 15 Years and 24 Million Customers Affected after Experian Data Breach

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read how the Zero Day Initiative (ZDI) has awarded more than $25 million in bounty rewards to security researchers over the past decade and a half as it celebrates its 15th birthday. Also, learn about a new data breach from Experian affecting 24 million customers in South Africa.

Read on:

Bug Bounty Platform ZDI Awarded $25M to Researchers Over the Past 15 Years

Bug bounty platform pioneer Zero Day Initiative (ZDI) awarded more than $25 million in bounty rewards to security researchers over the past decade and a half. In an anniversary post celebrating its 15th birthday, ZDI said the bounty rewards represent payments to more than 10,000 security researchers for more than 7,500 successful bug submissions.

24 Million Customers Affected after Experian Data Breach

Leading consumer credit reporting agency Experian is in the news again for a data breach. This week, a fraudster contacted the agency posing as a representative of a ‘legitimate client’ and obtained personal details of its South African customers. The company notes that it is an ‘isolated incident in South Africa involving a fraudulent data inquiry.’

Connected Security Solutions Helps City of Tyler’s CIO to Reduce Costs While Enabling Delivery of Enhanced Community & Public Safety Services

Benny Yazdanpanahi, CIO for the City of Tyler, knows that a highly secure IT environment is essential to the city’s continued success. To accomplish their security goals with limited resources and staff, Tyler’s leaders have been collaborating with Trend Micro for several years. Read this blog to learn more about how Trend Micro has strengthened the city’s security posture and empowered the IT team to focus on serving the community.

Over 94% of Cyber Attacks Involve Email: VP of Trend Micro’s Cyber Security

Greg Young, vice president of cybersecurity at Trend Micro, joins BNN Bloomberg to discuss his take on the Canada Revenue Agency (CRA) attack and Trend Micro’s new report on security risks for remote working since the pandemic lockdown. Watch the video to learn more.

The Cybersecurity Blind Spots of Connected Cars

With more people relying on connected car technologies for safety, accessibility, and infotainment—and with connected cars producing up to 30 terabytes of data each day—it’s important to keep connected cars protected against a range of ever-evolving risks and threats. Trend Micro’s recent research paper offers an examination of the cybersecurity blind spots of connected cars to help developers and manufacturers create secure and smart vehicles.

How Unsecure gRPC Implementations Can Compromise APIs, Applications

In this blog, Trend Micro discusses the security pitfalls that developers might face when shifting to gRPC and implementing gRPC in their projects. Because secure gRPC APIs play a pivotal role in overall application security, Trend Micro provides recommendations on how to protect gRPC implementations from threats and mitigate risks.

Human Error Threatens Cloud Security

Virtually all security professionals believe that human error could put the security of cloud data at risk, according to new research published this week. A survey commissioned by Tripwire and carried out last month by Dimensional Research found that 93% of security professionals were concerned that human error could result in the accidental exposure of their cloud data.

Influential Facebook Brand Pages Stolen via Credential Phishing

Trend Micro has observed an increase in the number of compromised Facebook pages of influential personalities since June. Through an analysis of the surge, we found fake Facebook accounts posting notification messages with an attached link on pages allegedly hacked. The fake accounts also steal the owner’s or admins’ credentials to sell the page, change the details and name, and/or disguise the page to make another phishing account.

Malicious Docker Hub Container Images Used for Cryptocurrency Mining

Increased adoption of containers has given rise to a range of potential threats to DevOps pipelines. Many of the attacks Trend Micro observed involved the abuse of container images to carry out malicious functionalities. For Docker-related threats, Trend Micro recently encountered an attack where the threat actor uploaded two malicious images to Docker Hub for cryptocurrency mining.

How Hackers Bled 118 Bitcoins Out of Covid Researchers in U.S.

Hackers locked down several servers used by the epidemiology and biostatistics department at the University of California at San Francisco and wanted a $3 million ransom to give them the keys. Transcripts reveal University of California at San Francisco’s weeklong negotiation to free its ransomware-locked servers. The haggling worked, sort of.

Threat Recap: Darkside, Crysis, Negasteal, Coinminer

In the past few weeks, Trend Micro has spotted notable developments for different types of threats. For ransomware, a new family named Darkside surfaced, while operators behind Crysis/Dharma released a hacking toolkit. For messaging threats, a targeted email campaign was used to propagate Negasteal/Agent Tesla. For fileless threats, a coinminer was seen bundled with legitimate applications.

Diving into End-to-End Deep Learning for Cybersecurity

New methods for detecting threats using AI challenge the need for human input and involve end-to-end deep learning solutions, which are being touted as the next big thing in malware detection. In the pipeline of such solutions, expert handcrafted input is replaced with input provided by automated processes. The absence of expert handcrafted input gives rise to the question of whether human input is still relevant in the process of developing an efficient AI-powered cybersecurity solution.

Black Hat Trip Report – Trend Micro

At Black Hat USA 2020, Trend Micro presented two important talks on vulnerabilities in Industrial IoT (IIoT). The first discussed weaknesses in proprietary languages used by industrial robots, and the second talked about vulnerabilities in protocol gateways. Any organization using robots, and any organization running a multi-vendor OT environment, should be aware of these attack surfaces. In this blog, find a summary of the key points from each talk.

Have you seen an uptick in hacked Facebook pages recently? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.