10Fold – Security Never Sleeps – 7

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Starwood hotels admits that a data breach has resulted in the theft of customers financial information. Victims of the Patreon site hack are now being subjected to hackers demanding bitcoin in exchange for their personal information not being released to the dark web. Cybercriminals are ramping up to spread holiday malware. Apple’s CEO takes a stand on back doors to encryption communication.

Starwood Hotels Falls Prey To Point-of-Sale Malware – Publication: ZDNet – Reporter name: Charlie Osborne

Starwood has admitted that a security breach taking place at 54 hotels has resulted in the theft of financial data from customers. Last week, the hotel chain admitted that a “limited number” of hotels in the US have become infected with malware, enabling cyberattackers to access financial data belonging to customers.


Extortion Attempt On Victims Of Patreon Site Hack – Publication: BBC – By BBC STAFF

Some members of the crowdfunding website Patreon, which was hacked last month, say they have received emails demanding bitcoin payments in return for the protection of their private data. The data listed in the email includes credit card details, social security numbers and tax identification numbers.


Tis The Season…Of Malware – Publication: CSO – Reporter name: Stu Sjouwerman

Cybercriminals have been preparing for another Black Friday/Cyber Monday. It’s a time for them to make big profits too. Last year’s scams will undoubtedly return and some new tricks will arise. Here are some of the top scams that CSOs should be preparing their company’s users to be aware of.


Apple’s CEO On Encryption: “You Can’t Have A Back Door That’s Only For The Good Guys” – Publication: Forbes – Reporter name: Steve Morgan

There’s a burning debate – bordering on a battle – between the U.S. government and technology companies over encryption. The government asserts that encryption – when it is so strong that the police cannot eavesdrop on communications in their efforts to catch and prosecute criminals – is a bad thing. Some government officials have even suggested that terrorists use encrypted communications to help carry out their acts of malice.