Weekly Recap August 5, 2022
Table of Contents
- By Steven
- Aug 07, 2022
A recent IBM report estimates healthcare data breaches have reached a record high of $10 million per incident. This eye-popping statistic is just one of many examples of the actual cost of digital security breaches. Crunch the numbers, and you will find that the cost of such attacks is up nearly 10% from the same time one year ago.
The healthcare industry is not the only sector under attack. Scan the digital security threat landscape, and you will find malware, spyware, trojans, phishing scams, and more are targeting businesses and organizations spanning all industries and sectors.
Google Play Store Malware
Certain apps in the Google Play Store are placing malware on smartphones. As of this publication, more than 12 such apps were covertly laced with the malware that activates after download. The campaign centers on the use of dropper apps. The droppers transmit banking malware to the targeted devices, setting the stage for screen captures, the theft of information, and identity theft.
Twitter API Keys Exposed
More than 3,000 apps have leaked Twitter API keys tied to Twitter accounts. Specific API keys allow hackers to gain access to targets' Twitter accounts. The compromised accounts are then used to manipulate followers, make threats, delete tweets, and wreak general havoc. Hackers can overtake accounts as they can access specialized keys and tokens that overcome barriers to account login. The hack is in-depth to the point that bots are used to disseminate fake news and other lies through compromised accounts.
Email Spying
Browser extensions are being used to spy on email messages. More specifically, a hacking group based in North Korea has been in the news for obtaining information from emails through browser extensions. Chromium extensions on web browsers empower hackers to steal email information. The digital security community anticipates hackers outside of North America will replicate the strategy in attacks on other businesses and organizations in the weeks and months ahead.
If you have not updated your digital security protections in the past couple of months, seize the opportunity to do so now, and you'll be able to focus on your work rather than worrying about your potentially inadequate digital security protections.
5 Million Twitter Accounts Compromised by Bug
A bug within Twitter has led to yet another data breach. The attack is harrowing for the social media giant in the aftermath of Elon Musk backing out of his promise to buy the company for $44 billion. The manipulation of the bug led to the theft of valuable personal information, including the phone numbers and email addresses of the social media platforms' most famous users.
NPM Packages Threaten Discord Security
Discord, an online chat service popular with gamers and others who seek online interaction with fellow humans, has been targeted with nasty NPM packages. The packages are stealing everything from Discord users' financial information to passwords, usernames, and more. NPM, an acronym for node package manager, features a repository that hides malware that ultimately steals Discord tokens to view sessions on the chat service and pluck data from users. Kaspersky's digital security team deserves credit for identifying the packages within the Python and JavaScript code.