Jack O'Sullivan
March 5 2021
Misconfigured cloud services are causing mobile apps to leak data
Thousands of iOS and Android applications have been caught leaking user data because developers did not implement the correct security controls. Huge amounts of mobile users' personal information were up for grabs: a transport app was found to be leaking payment data, a mobile wallet app was accidentally releasing session data and financial info, and medical apps were exposing test results alongside profile pictures of the people those results belonged to. Not ideal.
Around 14% of the 1.3+ million public cloud service-reliant apps that were scanned didn't have the right security settings in place. Network credentials, system configuration files, and server architecture keys were discovered online, and were relatively easy to access.
Security researchers who found the problem had this to say: “A lot of these apps have cloud storage that was not configured properly by the developer or whoever set things up and, because of that, data is visible to just about anyone. And most of us have some of these apps right now.” Read more here.
Star Alliance experiences a data breach
The aviation sector just can't catch a break this week. First it was Malaysia Airlines suffering a cyber attack, now Star Alliance has also fallen victim to a data breach of its own.
The breach was the result of a "highly sophisticated" attack on Sita, Star Alliance's IT provider - and also a provider to Malaysia Airlines, New Zealand Air, Jeju Air (South Korea), as well as 90% of the global aviation industry. The breach resulted in vast amounts of frequent flyer data being exposed.
Sita had this to say: “We recognise that the Covid-19 pandemic has raised concerns about security threats, and, at the same time, cyber-criminals have become more sophisticated and active. This was a highly sophisticated attack.”
Two new sophisticated ransomware strains have appeared
While the general public is worried about the Kent variant, and other nasty strains of Covid-19, security experts are bracing themselves for a whole new kind of nasty: advanced ransomware. Fancy some bad news to kick off the weekend? AlumniLocker and Humble have been located in the wild, and cyber criminals are more than ready to utilise this malicious code to extort your organisation for profit.
AlumniLocker boasts an advanced post-encryption technique and offers victims the opportunity to pay a whopping 10 bitcoin (almost £350,000) within 48 hours, or their data will be leaked. Cyber-criminals are increasingly utilising the double whammy of ransomware + a data breach = twice as much damage, and AlumniLocker just makes that easier.
Humble is no fun either: this extremely aggressive type of ransomware doesn’t even allow explorer.exe to view local storage drives, and it also threatens victims that it will rewrite their MBR if they try to restart their machine. On the bright side (if there is one), Humble gives targets a comfortable 5 days to pay the wee sum of 0.0002 bitcoin - not even £7 - which must mean that attackers who employ it are probably going for quantity over quality. For additional information about these two dangerous ransomware strains, read more here.
And that's a wrap for the week! If you still want more technology and cybersecurity news, check out our Twitter page. You can also get in contact with a member of our team to see how our security services can keep your organisation out of the headlines.