How fintech startup Amount manages data security across cloud collaboration platforms with Nightfall: Watch the story now.

MacBook Closing
Newsletter 4 min read

Nightfall Weekly InfoSec Roundup: July 23 to July 29

by Michael Osakwe Published Jul 30, 2019

Cyber Attacks & Breaches

  • 13,000 NAB customers affected by data breach
    (ComputerWorld) July 28th
    NAB has begun contacting some 13,000 of its customers revealing details of a data breach. The bank said that a range of personal information including names, dates of birth, contact details and in some cases, the number of a government-issued ID documents, was erroneously uploaded to the servers of two “data service companies”.

  • Ransomware crooks hit Synology NAS devices with brute-force password attacks
    (ZDNet) July 26th
    Taiwan-headquartered storage vendor Synology is warning users to strengthen the passwords to their network attached storage (NAS) after several devices — capable of storing terabytes of data — were encrypted by ransomware.

Vulnerabilities & Exploits

  • Critical Flaws Found in VxWorks RTOS That Powers Over 2 Billion Devices
    (The Hacker News) July 29th
    Security researchers have discovered almost a dozen zero-day vulnerabilities in VxWorks, one of the most widely used real-time operating systems (RTOS) for embedded devices that powers over 2 billion devices across aerospace, defense, industrial, medical, automotive, consumer electronics, networking, and other critical industries.

  • Scams use false alerts to target Office 365 users, admins
    (SC Magazine) July 23rd
    Malicious actors have recently been targeting Microsoft Office 365 users in two separate scams – one that distributes the TrickBot information-stealing trojan via a fake website and a phishing campaign that sends fake alerts with the intent to take over the accounts of email domain administrators.

  • Browser Flaws Exposed Local Area Networks at Health, Drug Firms
    (HIT Infrastructure) July 24th
    Vulnerabilities in Chrome and Firefox browser extensions enabled attackers to access local area networks (LANs) of several healthcare and pharmaceutical companies including AthenaHealth, Epic Systems, Kaiser Permanente, Merck, Pfizer, and Roche.

  • Slide deck brings BlueKeep exploit closer to the wild
    (TechTarget) July 23rd
    A Chinese researcher presented details regarding how to achieve a remote code execution BlueKeep exploit and experts now say attacks in the wild are closer than ever.

  • Android vulnerability lets hackers hijack your phone with malicious videos
    (The Next Web) July 24th
    If you use a phone running any version of Android between 7.0 and 9.0 (Nougat, Oreo, or Pie), you ought to immediately install the latest security update – or risk getting your handset hijacked by devious video malware.

Risks & Warnings

Join us next week for the next edition of Nightfall’s Weekly InfoSec Roundup!

Subscribe to our newsletter

Receive our latest content and updates

Nightfall logo icon

About Nightfall

Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack, Google Drive, GitHub, Confluence, Jira, and many more via our Developer Platform. You can schedule a demo with us below to see the Nightfall platform in action.

 

Schedule a Demo

Select a time that works for you below for 30 minutes. Once confirmed, you’ll receive a calendar invite with a Zoom link. If you don’t see a suitable time, please reach out to us via email at sales@nightfall.ai.

call to action

Ready to get started?

Schedule a demo