Sunday, September 26, 2021

Cyber Security Today: Open database on 8 million Americans, advice to Asus computer owners and news on hactivists

Open database on eight million Americans discovered, advice to Asus computer owners on security incident and news on hactivists.

Welcome to Cyber Security Today. It’s Monday May 19th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanda.com. It’s a civic holiday in Canada today, so thanks for listening.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

Another one of those darn unsecured databases full of personal information has been found on the Internet. This time it apparently has data on eight million people in the U.S. who participated in online surveys, sweepstakes and requests for free product samples. You fill in your name, address, phone number and email address, and you may get something. But according to the news site Bleeping Computer, the database a security researcher came across also had sensitive data like dates of birth and gender. The database belonged to a marketing company called Ifficent that was collecting and processing the information. You and I might think this is sensitive information. Not this company. Why? Because, the company said, it didn’t have social security numbers, credit card numbers or state ID numbers. Still, it was notifying affected people where U.S. state law requires. Meanwhile, companies have to get tougher on clumsy employees.

Do you have an Asus computer? Do you use the Asus update service or its WebStorage cloud service? If so, you should run an anti-virus or anti-malware scan on your machine. The company has acknowledged that last month it discovered a security incident involving its WebStorage update server. This came after security vendor Eset said it found malware on some customer computers that had been delivered through Asus WebStorage. There was no explanation from Asus of how it was victimized, but make sure you do a scan.

People who launch cyber attacks against organizations for social causes are called hactivists. Usually, their goal is to shame or harass, not to steal. One of the biggest groups doing this was called Anonymous. However, a new report from IBM’s X-Force threat intelligence service says hactivism activity has plunged since 2016, when Anonymous split apart, and a number of hactivists were arrested. One became an FBI informant. Still, IBM is reluctant to say hactivism is over. More likely, it says, this is just a lull. And there is the question of whether some things seen today, like attacks on news or government web sites, are from social activists or part of low-level cyber war by a country.

Finally, IT security pros whose companies use the Slack collaboration tool should make sure the latest version has been installed. A security company called Tenable discovered a bug that could allow an attacker to steal or manipulate documents. The patch was released last month. And IT should also be on the lookout for patches from Intel, Apple, Linux distributors and Microsoft to fix bugs in Intel processors.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News