Tag Archives: Scam

10Fold- Security Never Sleeps- 181

IoT Devices Plagued by Lesser-Known Security Hole

“Massive exposure for IoT devices”

IoT device security is often challenged on the public internet. Most recently, MQTT communications have been found by researchers at Black Hat that the 90’s era protocol can be easily manipulated to access many sensitive machines. In the past, these processes have been used to sabotage or snoop on power plants, ATM’s, and other devices.

Cyber security training must reflect real risks, warns the IISP

“False sense of security likely”

The IISP is warning businesses that in the rush to ‘skill-up’ on cyber security processes could lead to firms resting at ease under false pretenses. The Institute of Information Security Professionals advises firms to invest wisely in training and consider the quality and applicable benefits.

Malware scam zeroes in on ANZ customers

“Fake email plaguing ANZ customers”

Clients of the ANZ bank are receiving fake emails loaded with malware intending to steal their sensitive data. Email filtering company MailGuard has stated that a type of ‘highly convincing’ fraudulent ANZ bank invoices have begun to circulate in the morning of July 11th.

How a data breach can negatively impact your company’s stock price

“Lasting effects not typically discussed”

We all know that company data breaches can lead to lost records, IP theft, and much more. However what is not discussed as often is the focus of the Comparitech report released Tuesday. The report detailed the lasting impact of a data breach, including effects on stock price, that can last for years after the fact.

Enjoy your read? Check out our other content here.

10Fold – Security Never Sleeps – 35

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Security researchers have found that nearly all versions of the Magento e-commerce platform allows hackers to embed malicious JavaScript code insider customer registration forms on millions of e-commerce sites. A symantec partner has allegedly been caught running a tech support scam by leveraging bogus threats to sell overpriced security software. Sixteen lawmakers are trying to end congress’ gridlock by offering new bills that would help ensure student and employee privacy. Blockchain has emerged as a more secure, transparent, faster and less expensive financial alternative and continues to push for adoption throughout various industry.

Bug In Magento Puts Millions Of E-Commerce Sites At Risk Of TakeOver – Publication: Ars Technica – Reporter name: Dan Goodin

Millions of online merchants are at risk of hijacking attacks made possible by a just-patched vulnerability in the Magento e-commerce platform. The stored cross-site scripting (XSS) bug is present in virtually all versions of Magento Community Edition and Enterprise Edition prior to 1.9.2.3 and 1.14.2.3, respectively, according to researchers from Sucuri, the website security firm that discovered and privately reported the vulnerability. It allows attackers to embed malicious JavaScript code inside customer registration forms. Magento executes the scripts in the context of the administrator account, making it possible to completely take over the server running the e-commerce platform.


Symantec Partner Caught Running Tech Support Scam – Publication: Network World – Reporter name: Gregg Keizer

According to San Jose, Calif.-based Malwarebytes, Silurian Tech Support ran a scam in which its employees, who billed themselves as support technicians, used obscure but harmless entries in Windows’ Event Viewer and Task Manager to claim that a PC had been overwhelmed by malware, then leveraged those bogus threats to sell overpriced copies of Symantec’s Norton security software and an annual contract for follow-up phone support.


5 Things Congress Should Learn From New State Privacy Bills – Publication: Wired – Reporter name: Any Greenberg

On Wednesday 16 states’ lawmakers, with the advice and coordination of the American Civil Liberties Union, introduced bills designed to shore up Americans’ privacy on a long list of issues that federal lawmakers have either ignored or allowed to become paralyzed in Congress’s endless gridlock. That collective legislative push, which the ACLU is calling Take CTRL, addresses everything from student and employee privacy to new police surveillance techniques. The bills, together, would cover more than a 100 million Americans, by the count of the ACLU’s advocacy and policy counsel Chad Marlow.


How Will Bitcoin And Blockchain ‘Cross The Chasm’? An Analysis Of 5 Strategies – Publication: Forbes – Reporter name: Laura Shin

Blockchain, or distributed ledger, technology is more secure, transparent, faster and less expensive than current financial systems. And it has applications in other sectors like identity issuance, land titles, provenance and more. But for all its superiority, it finds itself in what disruptive innovation author Geoffrey Moore would call “the chasm”: Right now, tech enthusiasts and other people who have strong reason to prefer this technology over existing options have adopted it, but the companies in the space now need to attract users outside the core believers.