Plus: New Oracle cloud vulnerability reported
| Part of  Network | |
 Presented by  |
A Twitter password reset bug may have exposed thousands of user accounts. Security researchers recently tracked the bug. More: - Due to the flaw, Twitter users who had reset their passwords were not logged out from the active sessions on other devices.
- Researchers believe this flaw may have been used by hackers to expose thousands of Twitter users.
- Twitter did not specify the date when the breach happened, but it is believed the flaw was abused in 2021.
- The company claims it has made changes that have addressed the issue and that it has notified all of the affected users.
Zoom Out: - Only a few weeks ago, Twitter's former head of Security, Peiter Zatko, made shocking claims, stating that the company has severe security issues such as foreign agents selling info, unauthorized data access from employees, having the security protocol overruled by management decisions, etc. Zaitko made the claims in front of the U.S. Congress.
- The company also had to pay a $150M fine due to breaking privacy rules in early 2022.
| |
The FBI has stated that Iranian hackers had access to Albanian systems for 14 months prior to the recent cyberattack. The statement comes as a result of a recent investigation following a breach that shut down E-Albania. More: - According to the joint statement with CISA, hackers used their access privileges to steal information from email communications and deploy disk wiping malware.
- The threat actor believed to be responsible for the breach is tracked as HomeLand Justice.
- After 14 months of having access to the country's critical digital infrastructure, the actor launched a massive hacking campaign in July 2022, causing the entire E-Albania system to go down. The latter is used for administrative tasks ranging from passport applications to tax payments.
- Besides this attack, the country was hit by another hacking campaign a few days later, this time having its border security verification system shut down due to a cyberattack.
- The FBI stated the threat actor transferred anywhere from 70-160 MB of general data and 3-20 GB of server data.
Zoom Out: - The breach resulted in Albania giving Iranian diplomats an order to leave the country in 24 hours. Soon after, Akbanua decided to cut its diplomatic ties with Iran as a result of this breach. The U.S. embassy in Albania, NATO, the FBI, and other agencies, have blamed and criticized Iran for the breach.
- The latter has denied being involved with this breach.
| |
 A message from QUANTUM Save Your Data Before It Needs Saving - Air-Gapped Protection: Reliable and Cost-Effective Paying a ransom may sound like the best case scenario: get your data back, make your customers feel worth it. But actually, it can affect your business in other ways and may, in some cases, be illegal. Make sure your systems are protected across the entire data lifecycle - and never pay a ransom again. You’re able to balance cost while maximizing efficiency. No one can stop ransomware or fully prevent it from taking place - but you can make sure you’re protecting your customers and your data by ensuring that there is a fully air-gapped solution. Request A Demo
| |
Cybersecurity company Malwarebytes has raised $100M. The company was founded in 2008 and is based in California. More: - The funding round was led by Vector Capital.
- Malwarebytes says it will use the funds raised to create new products, accelerate its partnerships, and expand its managed service provider business.
- The company uses proprietary artificial intelligence, deep learning, and machine learning technology to help companies detect and prevent cyberattacks before they are able to cause damage.
- Malwarebytes also offers add-on tools such as VPNs and browser guarding.
- The company had recently laid off 125 employees as part of a restructuring plan.
| |
Security researchers have reported a new vulnerability in Oracle Cloud. The flaw was tracked on June 24, 2022. More - What makes this flaw particularly dangerous is that most vulnerabilities require at least a limited level of admin-level privileges to deploy malware, while this one only requires the attacker to know the OCID.
- The hackers were able to exfiltrate or destroy sensitive data within OCI storage volumes.
- Researchers stated that Oracle patched the flaw within 24 hours, meaning that the time span for threat actors to have conducted malicious activity is limited. Regardless of this fact, this period is enough to cause severe damage to individuals.
- The flaw, tracked as #AttachMe, has not been reported by any users so far.
| |
| |
Cybersecurity startup Deep Instinct has raised a $62.5M funding round. The company is based in New York City. More: - This funding round was led by BlackRock, with participation from Chrysalis Investments, Millennium, and Unbound.
- Deep Instinct uses AI and deep learning to provide multiple layers of cybersecurity defense and cyberattack prevention services for its clients.
- The company aims to use the funds for expansion and product development.
- Deep Instinct claims its product has helped prevent more than 20 million malware attacks so far and has saved its clients $3M in ransom payments.
| |
Quick Hits: - 97% of companies are pursuing a multicloud strategy. Here are six steps for a successful cloud migration experience.*
- A python flaw tracked as CVE–2007–4559 may have affected over 350,000 open–source projects. The flaw is over 15 years old but is believed to have been activated again.
- Telecom company Optus has been hit by a cyberattack. The Australian company claims the hacking campaign may have affected user data such as home addresses, license numbers, and passports.
- Stillman College has received a $2.7M cybersecurity grant from the U.S. Department of Commerce. The funds will be used to build a training center at the college facilities.
- EU Parliament members have criticized Israeli companies for not providing enough transparency regarding the process of building and selling spyware that has been used to spy on EU officials.
*This is sponsored content.
| |
Upcoming events at Inside: - September 28 - AMA with Leigh-Ann Buchanan (Founder of aīre ventures) (Register Here)
- October 05 - AMA with Ram Bartov (Chief Accounting Officer at TripActions)* (Register Here)
- October 11 - AMA with Mike Malone (Smallstep)* (Register Here)
- October 19 - AMA with Zecca Lehn (Responsibly VC) (Register Here)
- October 25 - Meet Our Fund 4, an Inside.com Summit (Register Here)
- November 02 - AMA with Bill Glenn (Executive Chairman at Crenshaw Associates) (Register Here)
*This is a sponsored listing.
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
With Quantum, we shift the focus from accumulating data to making it work for you. | |
| |
| 767 Bryant St. #203, San Francisco, CA 94107
Copyright © 2022 Inside.com | |
| |
