Top Weekly Cyber News: August 4-10, 2019

Hi folks! You may find below the latest news about global incidents, threats and attacks handpicked by our super XM Cyber team of experts.
Security Affairs – City of Naples, Florida, lost $700K after a cyberattack
August 10
Another city in the United States was hit by a cyber attack, according to officials in the city of Naples (Florida) they lost $700,000 in a recent attack. [More]

HotHardware – Teen Hacker Discovers Bugs In Education Software Exposing Millions Of Student Records
August 10
From security officers to guest sign-ins, schools employ several tools to keep their physical campuses safe. However, is student data also secure? A teen hacker recently uncovered vulnerabilities in two education software programs that could have affected over five million students. [More]

Wired – Hackers Take On Darpa’s $10 Million Voting Machine
August 9
Fro the last two years, hackers have come to the Voting Village at the DefCon security conference in Las Vegas to tear down voting machines and analyze them for vulnerabilities. But this year’s Village features a fancy new target: a prototype secure voting machine created through a $10 million project at the Defense Advanced Research Projects Agency. You know it better as Darpa, the government’s mad science wing. [More]

DarkReading – State Farm Reports Credential-Stuffing Attack
August 9
US insurance firm State Farm has confirmed a credential-stuffing attack. In a letter to customers, the company reports a so-called “bad actor” used a list of user IDs and passwords obtained from outside sources to attempt to gain access to State Farm online accounts. [More]

Ars Technica – A Boeing code leak exposes security flaws deep in a 787’s guts
August 9
Security researcher Ruben Santamarta partook in some creative googling, searching for technical documents related to his years-long obsession: the cybersecurity of airplanes. He was surprised to discover a fully unprotected server on Boeing’s network, seemingly full of code designed to run on the company’s giant 737 and 787 passenger jets, left publicly accessible and open to anyone who found it. [More]

The Hacker News – Binance KYC Data Leak — Crypto Exchange Sets $290,000 Bounty On Blackmailer
August 7
Malta-based cryptocurrency exchange Binance has become a victim of a ransom demand from a scammer who claimed to have hacked the KYC (Know Your Customer) data of thousands of its customers. [More]

Wired – Monzo’s PIN security breach, explained
August 6
Nearly half a million of the challenger bank’s customers have been asked to reset their PIN after the information was left in a insecure file accessible to Monzo (one of the UK’s digital challenger banks) employees. [More]


BAS vs. Pen Testing



Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.

See what attackers see, so you can stop them from doing what attackers do.