through publicly disclosed incidents in 2017. While that sounds horribly bad, there’s a bright side to this stormy disclosure: the number is 25 percent lower than the amount of records leaked in 2016. Why? Because hackers are shifting over to ransomware. They’re becoming more focused on holding files hostage for money than on unleashing all that data to the dark markets. According to IBM, this shift to ransomware cost corporations more than $8 billion globally during 2017, a number derived from downtime, ransom payments, and other impacts on day-to-day business. The global logistics and transportation industries alone lost “millions of dollars” in revenue during 2017 due to ransomware attacks. Ransomware is a type of malware that infiltrates a network and encrypts files on connected PCs. These files become unrecoverable, and require a “key” generated by the hacker to be released from captivity. These keys are provided after a payment using cryptocurrency, adding to the overall cost corporations incur due to downtime. Hiring a third party to recover the files may or may not work, depending on the level of encryption. “With the potentially irreversible encryption lock of crypto-ransomware, victims without up-to-date backups often choose to pay the ransom their attackers demand,” the report states. “Losing one’s files on personal devices may cost a few hundred dollars, but that effect extends much further for organizations where infected users could cause the company to lose massive amounts of data, and possibly to have to pay the criminals considerable sums of money to get it back.” The report reveals that many organizations keep cryptocurrency on hand so they can resolve the problem quickly and reduce costly downtime.
Law enforcement agencies discourage payments to hackers, but the rising ransomware “epidemic” is getting to the point where it may potentially cost corporations across the globe more than $11.5 billion annually by 2019, according to research by Cybersecurity Ventures. Malware, by contrast, values leaked personal data over the potential financial gain of locking sensitive data on corporate networks.
A California auto loan company left the names, addresses, credit scores and partial Social Security numbers of up to 1 million people exposed on an insecure online database. The company behind the database is Alliance Direct Lending Corporation, according to Kromtech Security Research Center, which discovered the data earlier this week. It said the data was found on an unprotected Amazon server and that the data could have been exposed for up to two years. According to Alliance Direct Lending’s website, the company works with individuals and auto dealership partners to help car owners refinance existing auto loans. Data stored in the cloud was in clear text, according to Diachenko. He said data also included several dozen recorded voice conversations with customers that disclosed full Social Security numbers of loan applicants. Sample data included the names of 114 car dealerships. Kromtech estimated that between 550,000 and 1.1 million loan records from those dealers were exposed online. Dealers were located across the United States, from California, Colorado, Florida and Massachusetts. Kromtech said it was unsure if additional third parties may have accessed the data. Privacy experts said the data in the hands of the wrong person would be a nightmare for victims. To a criminal, data known to come from people who have refinanced their car loan and may have less than stellar credit, coupled with partial Social Security numbers, would be a dream come true. “Things could go wrong on a variety of levels. The data could be used to phish additional data via email or phone scams. That’s not even mentioning the reputational damage to those in the database with bad credit scores,” said Adam Levin, chairman and founder of CyberScout. The data found by Kromtech was on an Amazon AWS S3 server.
AWS S3 is marketed as an easy-to-use web service that allows businesses to store and retrieve data at a moment’s notice. Data is stored in what Amazon calls buckets. “The Kromtech Security Research Center has seen an increase in vulnerable AWS S3 buckets recently due to misconfigurations or public settings,” Diachenko said. “We have identified hundreds of misconfigured instances and we have been focused on helping to secure them as soon as we identify who the data belongs to.” He said companies should consider Alliance Direct Lending’s example a sobering reminder that companies and individuals need to make sure their data is secure. For Diachenko, this is the latest in a string of insecure databases he has helped uncover. In January, he was part of a research team that found 400,000 audio files associated with a Florida company’s telemarketing efforts were stored insecurely online. In February, Kromtech researchers found tens of thousands of sensitive documents insecurely stored online belonging to a print and marketing firm. Thousands of resumes and job applications from U.S. military veterans, law enforcement, and others were leaked by a recruiting vendor in an unsecured AWS S3 bucket.
Earlier this week, private photos and a video clip of the famous WWE Divas Lisa Marie Varon, known by her WWE name Victoria, and Charlotte Flair were leaked on the internet. The photos showed Charlotte taking selfies in front of the mirror using her iPhone, while in Lisa’s case a video clip of her private moments along with selfies taken from her iPhone have been leaked. Her original name being Ashley Fliehr, the WWE woman wrestler is the daughter of Ric Flair, who is again a well-known wrestling legend. She is considered one of the most popular WWE stars, having been the women’s champion up to four times. She began her career by first appearing on NXT in 2013, and after a year, she managed to win the NXT Women’s Championship. Later, she won the WWE Divas Championship after being promoted to the main roster in 2015. She had also been married twice. Her first marriage was in 2010 with Riki Johnson. They later filed for divorce and Flair then married Bram in 2013. They got divorced in 2015. Flair also had a brother, Reid, who was found dead in March 2013, in Charlotte’s bed, and it was revealed that he died from a heroin overdose. Flair tweeted about her photos being leaked, saying that her photos were shared online without her consent, and demanded that they be removed immediately. Upon this, there was a plethora of supporters who emerged on Twitter, showing their support for Flair with the hashtag Flair, however, is not the only victim whose photos have been leaked so unscrupulously. Alexa Bliss, who currently holds the title of RAW Women’s Champion, had her photos leaked as well on April 28. Alexa tweeted that the photos are fake and demanded that they be taken down immediately.
Similarly, Paige, who was WWE Divas Champion, had her private photos hacked along with explicit videos that were made public online. She later wrote that she felt quite bad and wanted to harm herself for days after the leak. Furthermore, private photos of WWE Divas including Maria Kanellis, Melina Perez, Kaitlyn and Summer Rae were also leaked on different online platforms. That’s not all: it was about two months ago when hackers leaked private photos of prominent Hollywood celebrities like Amanda Seyfried and Emma Watson. However, it is quite unnerving and troubling to see how these WWE stars are being exploited while no attention is being paid to the security standards of mobile communication. It is vital that network operators look into the issue immediately and build proper security features to prevent such infiltrations.
WASHINGTON — President Donald Trump’s homeland security adviser said Monday that the malware that has infected 300,000 computers in 150 countries is “in the wild,” but so far has not infiltrated U.S. government systems. Tom Bossert, assistant to the president for homeland security and counterterrorism, said three variants of the malware have been discovered and the U.S. government was closely monitoring the situation with officials in Britain. “Overall, the U.S. infection rate has been lower than many parts of the world, but we may still see significant impacts in additional networks as these malware attacks morph and change,” Bossert told reporters at the White House. “We had a small number of affected parties in the U.S., including FedEx. As of today, no federal systems are affected.” Computers across the world were locked up Friday and users’ files held for ransom when dozens of countries were hit in a cyber-extortion attack that targeted hospitals, companies and government agencies. Cybersecurity experts say the unknown hackers who launched the “ransomware” attacks used a hole in Microsoft software that was discovered by the National Security Agency and exposed when NSA documents were leaked online. The Department of Homeland Security is taking the lead on the investigation in the United States. The Cyber Threat Intelligence Integration Center is keeping the U.S. government informed about classified information concerning the investigation, he said. If Americans follow the patching information issued by the FBI, Microsoft and the Homeland Security Department, they will be protected from the malware and the variants, Bossert said.
“While it would be satisfying to hold accountable those responsible for this hack — something that we are working on quite seriously — the worm is in the wild, so to speak at this point, and patching is the most important message as a result,” he said. “Despite appearing to be criminal activity intended to raise money, it appears that less than $70,000 has been paid in ransoms and we are not aware of payments that have led to any data recovery.” Neither the FBI nor NSA would comment Monday. Trump signed an executive order on Friday aimed at boosting the nation’s cybersecurity, as well as building and maintaining “a modern, secure, and more resilient executive branch IT architecture.” “The trend is going in the wrong direction in cyberspace, and it’s time to stop that trend and reverse it on behalf of the American people,” Bossert said after that signing last week. “We have seen increasing attacks from allies, adversaries, primarily nation-states, but also non-nation-state actors, and sitting by and doing nothing is no longer an option.” Homeland Security Advisor Tom Bossert announces May 11 that Trump signed an executive order to bolster the government's cyber security and protect the nation's critical infrastructure from cyber attacks, during a news briefing at the White House in Washington, D.C.
The toys -- which can receive and send voice messages from children and parents -- have been involved in a data breach dealing with more than 800,000 user accounts. The breach, which grabbed headlines on Monday, is drawing concerns from security researchers because it may have given hackers access to voice recordings from the toy's customers. But the company behind the products, Spiral Toys, is denying that any customers were hacked. “Absolutely not,” said Mark Meyers, CEO of the company. Security researcher Troy Hunt, who tracks data breaches, brought the incident to light on Monday. Hackers appear to have accessed an exposed CloudPets database, which contained email addresses and hashed passwords, and they even sought to ransom the information back in January, he said in a blog post. The incident underscores the danger with connected devices, including toys, and how data passing through them can be exposed, he added. In the case of CloudPets, the brand allegedly made the mistake of storing the customer information in a publicly exposed online MongoDB database that required no authentication to access. That allowed anyone, including hackers, to view and steal the data. On the plus side, the passwords exposed in the breach are hashed with the bcrypt algorithm, making them difficult to crack. Unfortunately, CloudPets placed no requirement on password strength, meaning that even a single character such as the letter “a” was acceptable, according to Hunt, who was given a copy of the stolen data last week. As a result, Hunt was able to decipher a large number of the passwords by simply checking them against common terms such as qwerty, 123456, and cloudpets.
“Anyone with the data could crack a large number of passwords, log on to accounts and pull down the voice recordings,” Hunt said in his blog post. Security researcher Victor Gevers from the GDI Foundation said he also discovered the exposed database from CloudPets and tried to contact the toy maker in late December. However, both Gevers and Hunt said the company never responded to their repeated warnings. On Monday, California-based Spiral Toys, which operates the CloudPets brand, claimed the company never received the warnings. “The headlines that say 2 million messages were leaked on the internet are completely false,” Meyers said. His company only became aware of the issue after a reporter from Vice Media contacted them last week. “We looked at it and thought it was a very minimal issue,” he said. A malicious actor would only be able to access a customer's voice recording if they managed to guess the password, he said. “We have to find a balance,” Meyers said, when he addressed the toy maker's lack of password strength requirements. He also said that Spiral Toys had outsourced its server management to a third-party vendor. In January, the company implemented changes MongoDB requested to increase the server's security. Spiral Toys hasn’t been the only company targeted. In recent months, several hacking groups have been attacking thousands of publicly exposed MongoDB databases. They’ve done so by erasing the data, and then saying they can restore it, but only if victims pay a ransom fee. In the CloudPets incident, different hackers appear to have deleted the original databases, but left ransom notes on the exposed systems, Hunt said. Although the CloudPets databases are no longer publicly accessible, it appears that the toy maker hasn’t notified customers about the breach, Hunt said.
The danger is that hackers might be using the stolen information to break into customer accounts registered with the toys. But Meyers said the company found no evidence that any hackers broke into customer accounts. To protect its users, the company is planning on a password reset for all users. “Maybe our solution is to put more complex passwords,” he said.
Spiral Toys, the parent company behind CloudPets, yesterday sent the California Attorney General a breach notification that on many fronts contradicts what experts have said about a database breach that exposed user data and private voice messages, many of which were made by children. The notification says that the company was not aware of a breach until Feb 22, when it received an inquiry from a Motherboard reporter who was informed by researchers Troy Hunt and Victor Gevers of a serious issue involving the toymaker’s customer data. This runs contrary to timelines provided by Hunt and Gevers showing both reached out to a number of Spiral Toys contacts, including its ZenDesk ticketing system, around Dec 30. The data was copied and deleted from an exposed MongoDB instance found online. It’s unknown how many times the database was accessed before its contents were deleted and a ransom note left behind, symptomatic of other attacks against poorly protected MongoDB databases. The recordings were not stored in the database, but the database did contain references to file paths to the messages, which were stored on an Amazon Web Services (AWS) S3 storage bucket. The database, Spiral Toys said in its notification, did include emails and encrypted passwords, which Hunt counters were not encrypted, but were hashed with bcrypt. Combined with a nonexistent password strength rule on Spiral Toys’ part, the hashed passwords could easily be cracked, Hunt said. The company meanwhile said it would notify 500,000 affected users, force a password reset, and implement new password strength requirements. Hunt and Gevers said there were actually more than 800,000 registered users exposed in the breach. “The breach has been addressed and from our best knowledge no images or messages were leaked onto the internet,” Spiral Toys said.
“A hacker could get to that data if they started ‘guessing’ simple passwords”. Which is exactly what a hacker would do, Hunt said. “This is what hash cracking is and it’s a highly automated process that’s particularly effective against databases that had no password rules,” Hunt said. Hunt points out that simple passwords such as qwe—a sample password shown during a CloudPets setup video—combined with the stolen email addresses pose a serious privacy risk. CloudPets are teddy bears that can send and receive messages using Bluetooth Low Energy connectivity to a mobile app, which sends the messages. The most typical use case is where a child can remotely send a message to a parent or authorized adult through the bear. “If this product was secure, it would have been a nice contribution to the IOT/gadget/toy market,” Gevers said. “The best thing is that they learn from this and start making a new secure product line”.
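The missing password-strength rule described in the two CloudPets reports above, as an added example that is not from either article or from Spiral Toys: a registration-time check that rejects the passwords Hunt names before they are ever hashed, since bcrypt only slows guessing and does not protect a password that sits on a short list of common terms. The length threshold, the deny list and all function names are assumptions made for this example.

```python
import re
import unicodedata

# Constructed deny list: the weak passwords named in the reports above,
# plus one generic entry. A real deployment would load a much larger list.
COMMON_PASSWORDS = {"qwerty", "123456", "cloudpets", "qwe", "password"}
MIN_LENGTH = 10  # assumed threshold for this example
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890")


def _normalize(value):
    # Fold case and Unicode compatibility forms so "QWERTY" matches "qwerty".
    return unicodedata.normalize("NFKC", value).casefold()


def _is_keyboard_run(pw):
    # True when the whole password is one run along a keyboard row,
    # forwards or backwards (covers "a", "qwe", "123456", "poiuy").
    return any(pw in row or pw in row[::-1] for row in KEYBOARD_ROWS)


def check_password(password, email, service_name="cloudpets"):
    """Return the list of reasons to reject; an empty list means accept."""
    reasons = []
    pw = _normalize(password)

    if len(password) < MIN_LENGTH:
        reasons.append("too_short")
    if pw in COMMON_PASSWORDS:
        reasons.append("common_password")

    # "Cloudpets2017!" is still a dictionary word with decoration:
    # strip trailing digits and punctuation, then look it up again.
    stem = re.sub(r"[\W\d_]+$", "", pw)
    if stem and stem != pw and stem in COMMON_PASSWORDS:
        reasons.append("common_password_with_suffix")

    # Guessers try the service name and the account's own e-mail first.
    if _normalize(service_name) in pw:
        reasons.append("contains_service_name")
    local_part = _normalize(email.split("@", 1)[0])
    if len(local_part) >= 3 and local_part in pw:
        reasons.append("contains_email_name")

    if len(set(pw)) <= 2:
        reasons.append("low_variety")
    if _is_keyboard_run(pw):
        reasons.append("keyboard_sequence")
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs; example.com is a reserved documentation domain.
    samples = ["a", "qwe", "123456", "cloudpets", "Cloudpets2017!",
               "parent-teddy-bear-77", "correct horse battery staple"]
    for candidate in samples:
        verdict = check_password(candidate, "parent@example.com")
        print(f"{candidate!r:32} -> {verdict or 'accepted'}")
```
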
A security lapse at content distribution network provider Cloudflare that resulted in customer data being leaked publicly for several months was bad - but had the potential to be much worse. That's Cloudflare's initial postmortem conclusion after a twelve-day review of log data related to the breach. The review showed no evidence that attackers had exploited the flaw prior to it being discovered and patched, Cloudflare CEO and founder Matthew Prince said in a blog Wednesday. A “vast majority” of Cloudflare's customers also did not appear to have had any of their data leaked. Cloudflare’s inspection of tens of thousands of pages that were leaked from its reverse-proxy servers and cached by search engines revealed a “large number” of instances of internal Cloudflare cookies and headers. But so far, according to Prince, there’s no evidence that passwords, credit card numbers, and other personal data were compromised as was initially feared. The Cloudflare security snafu stemmed from the manner in which a stream parser application that the company uses to modify content passing through its edge servers handled HTTP requests. The bug caused the parser to read memory not only from the HTML page that was actually being parsed, but also from adjacent memory that contained data in response to HTTP requests made by other customers. The flaw was triggered only when pages with certain specific attributes were requested through Cloudflare’s CDN. “If you had accessed one of the pages that triggered the bug you would have seen what likely looked like random text at the end of the page,” Prince said. A lot of the leaked data ended up getting cached by search engines and Web scrapers.
A security researcher from Google’s Project Zero threat hunting team alerted Cloudflare to the bug last month. The company claimed it fixed the problem in a matter of hours after being notified of the problem. Some have compared the breach to Heartbleed and have even called it Cloudbleed. In his blog, Prince compared the threat posed by the bug to that posed by a stranger eavesdropping on a random conversation between two employees. Most of the time, the stranger would likely hear nothing of value, but occasionally might pick up something confidential. The same would have been true for a malicious attacker who had somehow known about the bug and exploited it before Cloudflare’s fix, he said. The customers most at risk of having their data exposed were those that sent the most requests through Cloudflare’s CDN. Cloudflare’s detailed postmortem and mea culpa evoked a mixed response from security experts. Ilia Kolochenko, CEO of Web security firm High-Tech Bridge, praised Prince’s effort to be transparent about what went down. “Even if we cannot verify the accuracy of all the numbers inside – for the moment, I don’t have a valid reason to question either its content, or conclusion,” Kolochenko says. In fact, until someone can come up with a credible rebuttal of Cloudflare’s internal investigation, it’s inappropriate to compare what happened at the company to Heartbleed. “I’d say it’s inappropriate even to call this particular incident a 'Cloudbleed,'” he says. “In the Heartbleed case, almost every company in the world, many software vendors including cybersecurity companies, were seriously impacted by the vulnerability.”
Heartbleed also resulted in multiple breaches and many organizations continue to be exposed to the threat. Neither of those situations applies to the Cloudflare security lapse. “All avenues of Cloudflare’s vulnerability exploitation seems to be mitigated by now,” he says. But Kunal Anand, CTO of application security vendor Prevoty, says the details Cloudflare has shared aren't exactly reassuring. If no sensitive information like credit numbers and Social Security Numbers were leaked and the leaked dataset itself was relatively small, there is no reason why Cloudflare shouldn't share it with a third party for an unbiased review, he says. “Cloudflare needs to realize that HTTP headers, including cookies, contain sensitive information like session identifiers, authorization tokens and IP addresses,” Anand says. “All of these data points should count as private data.” Cloudflare has been working with various search engines to purge their caches, but in the process, any evidence of the data that was leaked is being deleted as well. That makes it hard to quantify the scope of the data breach outside of Cloudflare's own logs. “There's a lot of speculation if nation-state sponsored engines will actually purge the data or copy it for further analysis,” Anand says.