The Growing Threat of Information-Stealing Malware
If it looks like there are suddenly more data breaches, you’re probably right. Part of this apparent surge is due to the growing popularity of information-stealing malware. Cybercriminals are increasingly using these types of malware to obtain as many login credentials and other sensitive data as possible. The stolen material is then sold on criminal hacking forums and used to hack into victims’ accounts, which may include those of large companies. This is a good reminder to always enable multi-factor authentication wherever available.
Recent Incidents Highlighting Data Security Challenges
A security researcher disclosed this week that he had discovered more than a dozen unsecured databases containing sensitive information about voters in counties across Illinois. The data is stored by government contractors and includes driver’s license numbers, Social Security numbers, death certificates and more. While election security has generally improved in recent years, this incident illustrates how difficult it is to protect all voter information at all times.
The history of confidential FBI informants is long and sordid, and it continues. A Wired investigation published this week reveals how an informant infiltrated far-right groups and secretly turned them over to the federal government while spreading hateful ideology online, inspiring a new generation of violent extremists online molecular.
Major Cybersecurity Events Impacting Tech Giants
Meta, the parent company of Facebook and Instagram, will pay $1.4 billion to settle a lawsuit filed by the Texas attorney general, whose office accused the social media giant of illegally obtaining the biometric data of millions of Texans. In 2022, the state sued Meta over its implementation of a feature that used facial recognition to automatically suggest tags for people to add to photos and videos uploaded to Facebook. Prosecutors said the feature, originally called “Tag Suggestions,” violated a Texas law that allows companies to obtain and harvest someone’s biometric identifiers without their consent. While Meta did not admit any wrongdoing in the agreement, it is the largest single privacy settlement ever awarded to a state, according to Texas Attorney General Ken Paxton’s office.
A massive outage in Microsoft Azure was caused by a cyberattack and affected a range of services, including Microsoft 365 products such as Office and Outlook, the technology company revealed on Wednesday. According to Microsoft’s Azure status history page, the incident lasted for about eight hours on Tuesday and affected “a subset” of customers around the world. The company described the attack as a distributed denial of service, in which hackers maliciously attempt to disrupt a target company’s operations by overwhelming its infrastructure with massive amounts of network traffic. According to PCMag, two hacker groups have claimed responsibility. Microsoft plans to release a comment on the incident.
