Cyber Security News (06-Aug-2018)

1. Credit Card Issuer TCM Bank Leaked Applicant Data for 16 Months

TCM Bank, a company that helps more than 750 small and community U.S. banks issue credit cards to their account holders, said a Web site misconfiguration exposed the names, addresses, dates of birth and Social Security numbers of thousands of people who applied for cards between early March 2017 and mid-July 2018.

In a letter being mailed to affected customers, TCM said the information exposed was data that card applicants uploaded to a Web site managed by a third party vendor.

Bruce Radke, an attorney working with TCM on its breach outreach efforts to customers, said fewer than 10,000 consumers who applied for cards were affected. Radke declined to name the third-party vendor, saying TCM was contractually prohibited from doing so.

Cyber Security Tips:

–  Users are recommended not to share personal data like, Date of birth, Addresses, Social Security Numbers etc.  On any unauthenticated website.


2.  IT specialist detained for stealing 27 million rubles from Bank cards of Russian citizens

The Ministry of Internal Affairs of the Russian Federation reported that in Rostov-on-Don (Rostov Oblast, Russia) police detained 46-year-old local resident suspected of major fraud. He is accused of stealing 27 million rubles from bank cards.

Irina Volk, the official representative of the MIA, reported that hacker has a higher technical education, previously worked as a private IT specialist.

The police said that the hacker illegally acquired a database of SIM cards with electronic keys and special software. He made duplicates of SIM cards of mobile numbers connected to Bank cards.  The attacker withdrew money from the residents’ accounts and cashed them using an electronic wallet.

Cyber Security Tips: 

  • Users should avoid revealing too much personal data online, and check on what alerts can be set up with their bank or phone company to identify any attempts to access their account.
  • Use encrypted messaging apps that aren’t as prone to snooping as SMS.
  • Enable two-factor authentication, which requires a randomly generated passcode in addition to a username and password, on sensitive social media, credit card, and bank accounts.

 

3.  Symfony Flaw Leaves Drupal Sites Vulnerable to Hackers – Patch Now

Drupal, the popular open-source content management system, has released a new version of its software to patch a security bypass vulnerability that could allow a remote attacker to take control of the affected websites.

Since Symfony—a web application framework with a set of PHP components—is being used by a lot of projects, the vulnerability could potentially put many web applications at risk of hacking.

Cyber Security Tips: 

  • Users are highly recommended to update Drupal sites as soon as possible.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: