Mon. Nov 18th, 2019

Layer 7 Weekly Round Up: 9/30 Edition

THE BIG STORY

1. Iranian hackers targeted 2020 US presidential candidate

Researchers at Microsoft’s threat intelligence center found evidence that Iranian-linked hacking group Phosphorus — also known as Apt 35 — targeted a 2020 US presidential candidate. Although the tech giant did not name the candidate, between August and September of this year, the group made over 2,700 attempts to identify email accounts belonging to specific Microsoft customers.

 

WE’RE KEEPING AN EYE ON

2. New zero-day flaw affecting Android phones

According to researchers at Google, an unpatched vulnerability affecting Android phone models 8.x and later is being exploited in the wild. Ironically, the bug was discovered and patched in December 2017, but for some reason, the patch didn’t carry over to newer OS versions.

 

INCIDENTS

4. Zynga data breach exposes 200 million Words With Friends players

In a less than stellar breach notice, popular social game developer Zynga revealed that it was the victim of a data breach. In an exclusive statement to the Hacker News, the hacker said he managed to breach Words With Friends and access a database, which held information on more than 218 million users.

 

5. Cybersecurity firm Comodo hacked 245,000 users data Exposed

In a brief notice, Comodo, a freemium provider of endpoint protection, confirmed that it was the latest victim of a data breach, which exposed 245,000 users’ personal information.

 

INTERESTING READ

5. An explosion in online child sex abuse: what you need to know

If you have a child who’s old enough to surf the web, this article from the New York Times is for you. Why? Because tech companies have seen a major increase in online photos and videos of children being sexually abused. — NY Times