Posts

October 2018 Cyber Threat Data: Web App Attacks, Ransomware Continue Upward Trend

Throughout 2018, we’ve been sharing monthly updates on the cyber threat data recorded and analyzed by SonicWall Capture Labs, highlighting cyberattack trends and tying it back to the overall cyber threat landscape.

Now, cyber threat intelligence from the SonicWall Capture Security Center is even deeper. The tool now provides empirical data on cyberattacks against web applications. In an increasingly virtual and cloud-connected world, protecting web apps is just as critical as defending more traditional networks.

In October, the overall number of web application attacks continued to rise sharply. We tracked over 1.8 million web app attacks, more than double the volume of attacks for the same time period in 2017.

One factor influencing this is the continued growth explosion of the Internet of Things (IoT), which has added billions of connected devices online, each bringing new and unique potential for vulnerabilities and weaknesses.

While the headline-grabbing news often focuses on processor attacks like Spectre or Meltdown, companies that aren’t using security measures, like SonicWall Capture Advanced Threat Protection with Real-Time Deep Memory Inspection (RTDMI), can leave their standard applications exposed and vulnerable to cybercriminals who are always looking for a weakness.

The volume of ransomware attacks also continued its global upward trend in October. So far in 2018 we’ve seen over 286 million worldwide attacks, up 117 percent from 132 million this time last year. On an individual customer level, that’s 57 attacks per day per customer, an increase from only 14 in October last year.

The growing frequency and complexities of cyberattacks paint a dire picture for global businesses of all sizes. The good news is that by assessing your business’s cybersecurity risk, improving overall security behavior, and ensuring that you are utilizing the right cybersecurity solutions for your business, it’s possible to protect your business from most data breaches.

October Attack Data

Globally, the SonicWall Capture Threat Network, which includes more than 1 million sensors across the world, recorded the following 2018 year-to-date attack data through October 2018:

  • 9.2 billion malware attacks (44 percent increase from 2017)
  • 3.2 trillion intrusion attempts (45 percent increase)
  • 286.2 million ransomware attacks (117 percent increase)
  • 23.9 million web app attacks (113 percent increase)
  • 2.3 million encrypted threats (62 percent increase)

In October 2018 alone, the average SonicWall customer faced:

  • 1,756 malware attacks (19 percent decrease from October 2017)
  • 819,947 intrusion attempts (17 percent increase)
  • 57 ransomware attacks (311 percent increase)
  • 8,742 web app attacks (185 percent increase)
  • 152 encrypted threats (12 percent increase)
  • 12 phishing attacks each day (19 percent decrease)

SonicWall Capture Security Center

SonicWall cyber threat intelligence is available in the SonicWall Security Center, which provides a graphical view of the worldwide attacks over the last 24 hours, countries being attacked and geographic attack origins. This view illustrates the pace and speed of the cyber arms race.

The resource provides actionable cyber threat intelligence to help organizations identify the types of attacks they need to be concerned about so they can design and test their security posture ensure their networks, data, applications and customers are properly protected.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

SonicWall Secures Hybrid Clouds by Simplifying, Enhancing Deployment for Enterprises, SMBs – SonicWall Press Release

  • This week SonicWall announced a major expansion of their Capture Cloud Platform including secure SD-WAN, Zero-Touch Deployment, and personalized cyber threat intelligence.

Congress Passes Bill Creating Cybersecurity Agency at DHS – Security Week

  • SonicWall CEO Bill Conner talks to Security Week with his thoughts on why the Cybersecurity and Infrastructure Security Agency (CISA) Act is paramount for securing critical digital infrastructure.

Free SD-WAN Capability Highlights New SonicWall Capture Cloud Platform Announcements – Channel Buzz (Canada)

  • SonicWall’s Lawrence Pingree talks to Channel Buzz about SonicWall’s recent product expansion announcement and how he sees SonicWall’s position now compared to 12 months ago.

13 Tech Experts Share What Facebook Should Do Post-Data Breach

  • Bill Conner, CEO of SonicWall, is featured as a member of the Forbes Tech Council highlighting why good policy is important for a company like Facebook if they want to be able to recover from a data breach.

Cyber Security News

Researchers Discover Seven New Meltdown and Spectre Attacks – ZDNet

  • A team of researchers have found that new variants of Meltdown and Spectre are being released. SonicWall confirmed that Capture ATP cloud sandbox with Real-Time Deep Memory Inspection will stop them.

Nordstrom Blames Breach of Employee Data on Contractor – BankInfoSecurity

  • US department store Nordstrom suffered from an internal breach of employee data in October and have pinned the problem on a contractor.

Scare Force: Pakistan Military Hit by Operation Shaheen Malware – The Register (UK)

  • The Pakistan Air Force and Government have been hit with a concentrated phishing and malware campaign according to new research by Cylance.

Mozilla: Firefox Will Start Alerting You to Recently Breached Sites – ZDNet

  • Firefox Monitor, previously a separate website, is being expanded and integrated into the Firefox web browser and will inform users with an alert if a website being visited has had a breach reported in the previous 12 months.

2018 on Track to Be One of the Worst Ever for Data Breaches – Dark Reading

  • A new report says that 2018 is currently only behind 2005 when it comes to data breaches, with up to 3.6 billion records compromised so far.

Ahead of Black Friday, Rash of Malware Families Takes Aim at Holiday Shoppers – Threat Post

  • As many as fourteen types of malware are found to be readying themselves to take advantage of unsuspecting online shoppers.

A Leaky Database of SMS Text Messages Exposed Password Resets and Two-Factor Codes – Tech Crunch

  • An exposed server was found with tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more all easily accessible.

In Case You Missed It

Monitor & Optimize Your Cybersecurity Posture with Real-Time Risk Metering

Modern organizations understand the criticality of having the best possible cyber defense to defend against malicious actions of skillful cybercriminals. Most firms today employ various cybersecurity tools designed to help prevent inevitable attacks from wreaking havoc and causing data loss.

“The increase in internet-connected devices and cloud application usage exacerbates the situation as threat vectors expand beyond the traditional corporate perimeter.”

Yet, why do CIOs and CISOs, and their security teams, still caution about the state of their organization’s security posture?

Simply, it’s because new scams, vulnerabilities, exploits, malware and hacking techniques used in cyberattacks represent an ongoing risk. The increase in internet-connected devices and cloud application usage exacerbates the situation as threat vectors expand beyond the traditional corporate perimeter.

Typical threat vectors include the network, web, cloud, applications, endpoints, mobile devices, databases and even the Internet of Everything (IoE) — all are possible defenseless launch pads bad actors use to attack their victims.

Thus, the pressing concerns we often hear from our customers, with regards to their security operations, are about understanding their risk profile and responding to risks. However, the lack of visibility and awareness of daily security situations makes it nearly impossible to determine the proper responses.

A data breach happens quickly. During such a security incident, figuring out where risks exist, the current reality of their security posture and, ultimately, what security actions are necessary are top security priorities. Security-conscious organizations need an easy and reliable way to:

  • Analyze and measure their security posture in real time
  • Perform ‘what-if’ analysis on various defense layers
  • Identify defensive actions needed to remove present risks

Manage Cyber Risks via SonicWall Risk Meters

To solve these three core security challenges, SonicWall introduces Risk Meters, a powerful risk management service that provides personalized threat information and risk scoring adapted to individual situations.

A new capability of the Capture Security Center, Risk Meters help reveal weaknesses in current defensive layers and guides immediate and necessary defensive actions for a specific environment.

Risk Meters provides real-time display of live attacks, coupled with detailed graphs and charts, that capture malicious activities at the specific defense layer that could result in compromised networks, systems and data residing on-premises or in the cloud.

Capture Security Center Risk Meters
Restrict the focus on incoming attacks in a specific environment
Display live attacks in real-time
Categorize attackers’ malicious actions at the specific defense layer
Update computed risk score and threat level based on live threat data relative to existing defense capabilities
Underscore current security gaps where preventable threats get through due to missing defenses
Promote immediate defensive actions in response to prevent all incoming threats

How Risk Meters Work

Available in January 2019, the Risk Meters service categorizes attackers’ actions, underscores current security gaps where preventable threats get through due to missing defenses, and presents appropriate responses to neutralize incoming threats. The solution can be tailored to a specific environment by compiling and accurately parsing threat information exclusive to an environment.

Additionally, Risk Meters continuously update computed risk score and threat level based on live threat data relative to existing defense capabilities. These logical scores may be used to guide security planning, policy and budgeting decisions.

Risk Meters enable precise defensive measures that optimize network, cloud, web and endpoint defenses, and shrinks the threat surface and susceptibility to cyberattacks.

Such measures include turning on SSL/TLS inspection, application visibility, sandboxing services, processor and memory scanning, and/or next-generation antivirus (NGAV). These, in turn, enable organizations to catch the most evasive malware hiding inside encrypted traffic, ransomware and never-before-seen malware variants.

With actionable threat data at your fingertips, Risk Meters empowers you to shrink the threat surface and susceptibility to cyberattacks, guide security planning, policy and budgeting decisions, and bolster your security posture.

Measure Your Organization’s Cyber Risk Score

The SonicWall Capture Security Center Risk Meters service will be available in January 2019 to deliver personalized threat information and risk-scoring that reveals gaps in defensive layers, fosters decisive security planning and facilitates actions needed for an optimal cyber defense.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

New NIST Small Business Cybersecurity Act to Provide Guidance for Protecting SMBs – SonicWall eBook

  • If you’re a small to medium-sized business (SMB) looking for guidance on the NIST Small Business Cybersecurity Act, get this eBook. It includes an explanation of the act and information on how best to protect yourself and your business.

Intel CPUs Fall to New Hyperthreading Exploit That Pilfers Crypto Keys – Ars Technica

  • PortSmash is a new attack that exploits Intel’s Hyper-Threading architecture. SonicWall adds a layer of protection against this exploit and other similar side-channel attacks.

Cyber Security News

The Mad Dash to Find a Cybersecurity Force – The New York Times

  • The need for skilled cybersecurity experts in the workplace is growing faster than the talent pool can provide with an estimated 3.5 million cybersecurity jobs available but unfilled by 2021.

Lazarus FASTCash ATM Attack Details Discovered – SC Magazine

  • North Korean hacker group Lazarus has been using FASTCash trojan on obsolete AIX servers to hack ATMs and steal tens of millions of dollars.

Data of Nearly 700,000 Amex India Customers Exposed via Unsecured MongoDB Server – ZDNet

  • American Express India has been caught with an unencrypted server accessible online without a password, exposing a huge amount of personal data.

HSBC Customers Hit by Data Breach in US Business – BBC News

  • At least one customer in every U.S. state has been affected by a data breach that occurred between October 4 and 14 of this year. HSBC say it affected less than 1 percent of its U.S. customer base but the details include account numbers and transaction histories.

Cambodia’s ISPs Hit by Some of the Biggest DDoS Attacks in the Country’s History – ZDNet

  • Someone is bombarding ISPs in Cambodia with DDoS attacks and ZDNet have a few theories on who it might be.

Private Messages From 81,000 Hacked Facebook Accounts for Sale – BBC

  • Hackers who claim to have access to 120 million Facebook accounts have been attempting to sell private messages online for as little as 10 cents per account.

Ransomware Keeps Ringing in Profits for Cybercrime Rings – BankInfoSecurity

  • If you’re confused by the many different types of ransomware in the news right now, BankInfoSecurity explain current trends and who is most at risk.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Channelnomics Innovation Awards – Channelnomics

  • SonicWall’s Steve Pataky is up for Security Channel Chief of the Year, vote for him today!

British Airways Confirms Theft of Additional Data – Silicon (UK)

  • In light of many recent high-profile breaches, SonicWall CEO Bill Conner spoke to Silicon about the responsibility that companies bear when guarding customer data.

2018 ChannelPro SMB All-Stars – ChannelPro

  • SonicWall has been named one of the ChannelPro 2018 SMB All-Stars, an award that honors organizations that do something “truly special” with “significant impact on the SMB channel.”

Cyber Security News

Canada’s Mandatory Breach Notification Rules Now in Effect – Bank Info Security

  • As of Nov. 1, Canadian organizations must record all data breaches, big or small, and report major ones. Records must be kept for at least two years.

Radisson Hotel Group Suffers Data Breach, Customer Info Leaked  – ZDNet

  • Loyalty members of the Radisson Hotel Group have email addresses, phone numbers and more leaked. No financial data is said to be exposed.

White House Sets Deadlines for Agencies to Protect Their Digital Crown Jewels – NextGov

  • Homeland Security has until April 2019 to develop a tool that will map cybersecurity problems in federal agencies following a report in May of this year that found that up to three-quarters of federal agencies were at risk of a breach.

Nice Work if You Can Get It: GandCrab Ransomware Nets Millions Even Though It Has Been Broken – The Register

  • There’s a free decryption tool now available if you’re caught by GandCrab, but in the past 3 months alone the ransomware is still estimated to have netted its owners $300 million.

Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks – Krebs On Security

  • The convicted co-author of the Mirai botnet malware has been sentenced to 2,500 hours of community service, six months home confinement and ordered to pay $8.6 million for his use of Mirai in attacks against Rutgers University, New Jersey.

Assault and Battery: Malvertising Campaign Checks User Device’ Charge as Anti-Detection Technique – SC Magazine

  • JuiceChecker-3PC is a clever mobile malware that doesn’t run when a phone battery is low or high in an attempt to avoid detection by security programs that are activated when a phone is charging.

Magecart Claims Fresh Victim in Electronics Kit Seller Kitronik – ZDNet

  • Magecart’s prolific streak continues as electronics outlet Kitronik join British Airways and Ticketmaster in confirming that it has been hit by the malware. Data exposed this time includes complete card details, names and addresses.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Privacy Problems for FANG Companies Might Beget M&A Action in Cybersecurity – The Street

  • SonicWall CEO Bill Conner predicts that large tech companies and social media giants will look to mergers and acquisitions (M&A) to address the shortage of available cyber security talent and stave off further punishment and damages caused by breaches and other cyber security incidents.

WSJ Report: Facebook Breach the Work of Spammers, Not Nation-State Actors – Dark Reading

  • Lawrence Pingree offers his perspective on the most recent Facebook breach revelations.

Cyber Security News

Apple CEO Condemns ‘Data-Industrial Complex’ – The Wall Street Journal

  • Apple CEO Tim Cook is calling for new digital privacy laws in the United States to be drawn up, warning that the collection of huge amounts of private and everyday information is being “weaponized against us with military efficiency.”

EU Takes Step Toward Cyberattack Sanctions – Dark Reading

  • The European Union has approved a proposal to place further sanctions on nations proven to have carried out a cyberattack.

Cathay Pacific Says Data of 9.4 Million Passengers Stolen in Hack – The Telegraph (UK)

  • Hong Kong airline Cathay Pacific has suffered a breach affecting up to 9.4 million passengers, including over three quarters of a million passport numbers.

Super Micro to Review Hardware for Malicious Chips – Reuters

  • Super Micro is agreeing to review their hardware in the wake of reports that the Chinese authorities are placing spying chips in their hardware. They deny all the allegations.

Who Is Agent Tesla? – Krebs on Security

  • Openly available for commercial license, Agent Tesla is classified by many as password-stealing malware. Krebs on Security investigates the not-so-well-hidden identity of Agent Tesla’s creator following a 100 percent usage increase of the program in August 2018.

Yahoo to Pay $50M, Other Costs for Massive Security Breach – Associated Press

  • The fallout from the biggest security breach of all time looks to be finally drawing to a close.

Magecart Cybergang Targets 0days in Third-Party Magento Extensions – Threat Post

  • Magecart, the malware behind the Ticketmaster and British Airways breaches, continues to be updated and reconfigured, now targeting unpatched vulnerabilities in third-party plugins used in the Magento e-commerce platform.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

10 Security Advances That Could Change the Game  – Channel Partners Online

  • SonicWall’s Lawrence Pingree shares his perspective on the need for rapid chip augmentation in order to successfully combat the cybersecurity war in 2019.

SonicWall and Partners Take Part at GITEX Technology Week – Tahawul Tech

  • SonicWall is a major presence at GITEX Technology Week, one of the biggest technology events in the world.

How Cyberhardening Can Reduce Risk to the Entire Medical Community – Beckers Hospital Review

  • Data from SonicWall’s Capture Labs is used to help show just how much data in the medical industry is vulnerable to cyberattack.

Cyber Security News

Facebook Finds Hack Was Done by Spammers, Not Foreign State – The Wall Street Journal

  • Facebook thinks that spammers looking to make money through advertising, and not a nation-state, are responsible for a recent data breach involving the data of 30 million accounts.

The Mysterious Return of Years-Old Chinese Malware – Wired

  • A modified version of malware dating back to 2010, that has never been made public and is not known to have been sold on the black market, has had a mysterious resurgence in recent months.

Pentagon Discloses Card Breach – ZDNet

  • Only a week after reporting that it was struggling to meet the demands of cyberwarfare, the Pentagon confirms that a security breach affecting up to 30,000 personnel was discovered at the start of October this year.

UK Firms “Not Prepared” for Data Breaches – Tech Radar

  • It’s not just U.K. firms. According to a report released for European Cybersecurity Month. one in six European businesses are not prepared for a cyberattack, even though over a third of them have suffered from a data breach in the past year.

Zero-Days, Fileless Attacks Are Now the Most Dangerous Threats to the Enterprise  – ZDNet

  • According to a study conducted by the Ponemon Institute, the average cost of a successful endpoint-based attack has increased by roughly 42 percent year-on-year with the average organization losing over $7 million.

New Cyberdefenses to Protect Your Smart Appliances From Hackers – The Wall Street Journal

  • A partnership was announced between U.K. based chip-designers Arm and Boston-based cybersecurity firm Cyberreason; they aim to develop secure chip designs specifically protecting Internet of Things (IOT) devices from cyberattack.

Report: Cryptocurrency Exchanges Lost $882 Million to Hackers – Bank Info Security

  • Cryptocurrency exchanges continue to suffer from successful cyberattacks and a newly released study has tallied the damages at $882 million in the past two years, this is only expected to get worse in 2019.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

“A leader has to be passionate about their work be able to motivate their teams to be equally passionate” With Bill Conner – Authority Magazine

  • Bill Conner, CEO of SonicWall, is interviewed about his career, from his days loading shipping containers all the way to his current role.

Cryptomining Malware Steals Fortnite Gamers’ Bitcoins and Personal Data – SC Magazine (UK)

  • As malware continues to target Fortnite players, SonicWall’s Lawrence Pingree talks about the probable future of kinetic ransomware.

Chart of the Day: Google Plus Never Got off the Ground – Real Money

  • SonicWall CEO Bill Conner weighs in with his thoughts on the importance, or not, of the Google Plus breach.

Cyber Security News

Pentagon Struggling to Meet Cyber Challenges, as Modern Warfare Goes High Tech – The Washington Times

  • The Pentagon wants to avoid another “Beast of Kandahar” situation but is struggling to keep its cybersecurity stronger than its attackers.

New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom – Bloomberg

  • Accusations that China are inserting spying chips into US companies’ hardware are still being made and are spreading to other companies.

Medtronic Disables Pacemaker Programmer Updates Over Hack Concern – Reuters

  • There have been no documented reports of the vulnerability being exploited but the company are taking no chances with peoples’ hearts.

Vietnam Cyber Law Set for Tough Enforcement Despite Google, Facebook Pleas – Reuters

  • Companies will be required to store a wide range of user data and set up offices inside the country.

Heathrow Airport Fined £120,000 Over USB Data Breach Debacle – ZDNet

  • A memory stick with unencrypted private data of airport employees was found by a member of public last year.

Payment-Card-Skimming Magecart Strikes Again: Zero out of Five for Infecting E-Retail Sites – The Register (UK)

  • The British Airways and Ticketmaster attacking toolkit Magecart isn’t going away, this time turning up in a plugin called Shopper Approved that is used by hundreds of e-commerce sites.

This Cryptojacking Mining Malware Pretends to Be a Flash Update – ZDNet

  • The much-maligned Flash software now has the added problem of an imposter program that uses a victim’s computer to mine for the Monero cryptocurrency.

In Case You Missed It

How to Stop Malware-Created Backdoors

Hackers have been placing backdoors into systems for years for a variety of purposes. We have all read the stories about backdoors being installed in retailers to siphon payment card information; a PSI DSS and reputation nightmare.

Backdoors also have been deployed in government and higher education institutions to gather intellectual property, such and defense and trade secrets. Medical institutions pay out settlements due to HIPAA violations caused by these forms of malware every year.

A perfect example of a backdoor-creating malware is Calisto. This backdoor trojan is designed for macOS (many executives use Macs) and attempts to install itself in different folders until it finds a home and then enable accessibility authorization.

If this can be accomplished, it will open a backdoor to the hacker to control the entire system. In most cases, this malware fails (due to protections placed on new Macs) but can leave behind system vulnerabilities.

So, how do you stop such an aggressive form of malware? It’s important to know that not all trojans are alike.

Some will create a customized payload every time it lands on a new system to avoid future attacks being blocked by signatures. SonicWall stops known backdoors on our next-generation firewalls (NGFW) and can test and find new versions of backdoor malware with the Capture Advanced Threat Protection (ATP) sandbox service.

But for threats that land on the endpoint, the key is using advanced artificial intelligence (AI) that can detect the malware’s presence on the endpoint. Does it try to bypass antivirus? Does it embed itself in a directory it shouldn’t? Does it attempt to download something from a command and control (C&C) server? These are just some of the ways Calisto can be identified.

To properly stop Calisto and other backdoor-building malware, download the exclusive tech brief: Protecting macOS Endpoints from Calisto. The brief will explore:

  • Origin of Calisto
  • Why SIP enablement is not enough
  • How the malware delivers its payload
  • Secondary steps the malware will take to ensure execution
  • Proven solutions for stopping Calisto

 

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Facebook Hack: People’s Accounts Appear for Sale on Dark Web – The Independent (UK)

  • SonicWall CEO Bill Conner shares his thoughts on the fallout from the recent Facebook hack.

The A-Z of Security Threats 2018 – ITPro

  • SonicWall’s Laurence Pingree mans the letter E in this alphabet of cybersecurity threats for 2018.

100 People You Don’t Know but Should 2018 – CRN

  • Congratulations to John Mullen, included in the CRN 2018 list.

UK and Allies Accuse Russia of Cyber Attack Campaign – ComputerWeekly

  • SonicWall CEO Bill Conner encourages global co-operation following the UK National Cyber Security Centre (NCSC) directly linking Russia with cyberattacks.

Cyber Security News

National Cybersecurity Awareness MonthOfficial Website

  • October marks the 15th annual National Cybersecurity Awareness Month (NCSAM). Follow the activity online using the hashtags #NCSAM and #CyberAware.

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies – Bloomberg

  • Hardware hacks are rare but, if successful, the payoff for them can be huge. Both Amazon and Apple may have been the victim of such a hack.

Meet Torii, a New IoT Botnet Far More Sophisticated Than Mirai Variants  – ZDNet

  • A very sophisticated Internet of Things botnet has been found and experts are impressed, “The author is not your average script kiddie.”

BUPA Fined $228,000 After Stolen Data Surfaces on Dark Web – BankInfoSecurity

  • British data-protection regulators are taking a dim view of companies who are not exercising good cybersecurity practises.

Gwinnett Medical Center Investigates Possible Data Breach – ZDNet

  • A security incident has led to a possible leak of patient information online.

Facebook Hack Puts Thousands of Other Sites at Risk – The New York Times

  • The Facebook hack has major implications for any site that uses Facebook as a login tool.

Malware Scam Targets Fortnite Cheaters and Their Bitcoin Wallets – CNET

  • If you’re looking to cheat at Fortnite then you are at risk of being cheated yourself.

In Case You Missed It