• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Current News   »   This Week in Security News: Security and Privacy Issues

This Week in Security News: Security and Privacy Issues

  • Posted on:December 7, 2018
  • Posted in:Current News, Security
  • Posted by:
    Jon Clay (Global Threat Communications)
0

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, understand how Trend Micro™ Deep Security™ service will be integrating with AWS Security Hub. Also, learn how to prevent risks and secure machine-to-machine communications over Message Queuing Telemetry Transport and Constrained Application Protocol.

Read on:

AWS Security Hub and Deep Security

AWS Security Hub provides a comprehensive view of your high priority security alerts and compliance status for your AWS deployment.  

Marriott Says Breach of Starwood Guest Database Compromised Info of Up to 500 Million

Marriott International announced that the private information of up to 500 million guests may have been accessed as part of a breach of its Starwood guest reservation database.

Machine-to-Machine (M2M) Technology Design Issues and Implementation Vulnerabilities

Trend Micro found hundreds of thousands of misconfigured hosts that exposed credentials, sensitive information, and industry-related process data. 

Cyber crooks increasingly targeting home devices: report

Cyber criminals are shifting their attention from traditional computers to internet-connected devices in Canadian homes, says the government’s cyber security agency.

Quora Discloses Mega Breach Impacting 100 Million Users

Quora, one of the largest question-and-answer portals on the Internet, announced that hackers gained access to its servers and stole information on about 100 million of its users, which is approximately half of the site’s total user base. 

Hacker Infects Node.js Package to Steal from Bitcoin Wallets

A Node.js module with nearly two million downloads a week was compromised after the library was injected with malicious code programmed to steal bitcoins in wallet apps. 

MQTT and CoAP: Security and Privacy Issues in IoT and IIoT Communication Protocols

Trend Micro looked into MQTT brokers and CoAP servers around the world to assess IoT protocol security and ways to prevent risks and secure machine-to-machine (M2M) communications over MQTT and CoAP. 

Exclusive: Emails of Top NRCC Officials Stolen in Major 2018 Hack

The House GOP campaign arm suffered a major hack during the 2018 midterm campaigns, exposing thousands of sensitive emails to an outside intruder, according to three senior party officials. 

Smart Cities: Could These IoT Design Flaws Put The Lights Out?

Trend Micro discovered that two popular IoT protocols are insecure by design, putting both ‘Industry 4.0’ smart factory implementations and smart cities at risk.

Spam Campaign with .PUB Attachment Delivers RAT, Targets Food and Retail Brands

The cybercriminals behind this spam campaign may be taking advantage of using .PUB files as the macro-downloader during the busiest quarter of the year for businesses according to Trend Micro.

Were you excited about AWS’s Security Hub announcement? Why or why not? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

Related posts:

  1. Parlez-vous Machine?
  2. This Week in Security News: Fake Apps on iOS and Google Play and Social Media Security Issues
  3. This Week in Security News: How a Partnership can Advance DevSecOps and Cybersecurity Issues in the Midwest and South U.S.
  4. This Week in Security News: Adware and Ransomware

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Fujitsu and Trend Micro Demonstrate Solution To Secure Private 5G
  • Trend Micro Receives 5-Star Rating in 2021 CRN® Partner Program Guide
  • Smart Factory Cyber Attacks Knock Out Production for Days
  • Eliminate Hesitations: Security Simplified For Those Building In The Cloud
  • Nuffield Health Depends on Managed XDR with Trend Micro Vision One
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.