Data Security

The latest on data breaches and cybersecurity and data security by Adam K Levin.

Simple spelling errors in URLs can expose you to phishing, malware, and other kinds of cyber trickery. In the latest episode of Third Certainty, Adam Levin discusses typosquatting and how it can put your data security in jeopardy.
GPS location tracking
The NSA has issued a cybersecurity advisory about the use of location data on personal devices, social media accounts, mobile applications, as well as Internet of Things-enabled devices. The advisory, titled “Limiting Location Data Exposure,” was released August 4. While it is directed at government officials, the advice could also help the general public mitigate risks to data and privacy...
spear phishing
With the arrest of 17-year-old hacker Graham Ivan Clark in Tampa, Florida and more than 30 charges later, we’re starting to get a better understanding of the July 15 hack that compromised 130 Twitter high-profile accounts.  As suspected by many, including us, the hack deployed a spearphishing attack on Twitter employees.  An official statement from Twitter confirmed the method of attack,...
data leak
A collection of source code from companies including General Electric, Disney, Microsoft, Motorola, Qualcomm, Adobe, Nintendo and Microsoft has been aggregated and posted online.  The repository was released onto Gitlab by software developer and IT consultant Tillie Kottmann and was collected from publicly available leaked data that had been stored on misconfigured online servers. Kottmann has indicated that the bulk...
Email dots, pluses, and burners
If you find your personal email account bombarded with unwanted marketing emails, there’s a good chance your account was compromised in a breach. That said, email these days is a minefield we all need to learn how to traverse safely.  Your email address could present the greatest liability when it comes to cybersecurity and privacy. A recent report found that...
Garmin ransomware
Navigation and wearable device company Garmin experienced a widespread outage after a successful ransomware attack July 23. Recent reports have confirmed that the outage was caused by WastedLocker, a ransomware often used to specifically target and disrupt business operations, and closely associated with Evil Corp, the hacking group behind a $100 million crime spree that began in 2011. Evil Corp was...
Chinese covid hacking
The U.S. Justice Department has accused two Chinese hackers of conducting a massive campaign of intellectual property theft, including Covid-19 vaccine research. In the indictment filed in early July and unsealed earlier this week, the Justice Department accused Li Xiaoyu and Dong Jiazhi of stealing terabytes of research and data over the last several years. Their targets allegedly included high...
Cyberattacks are constantly getting more sophisticated. Barely a day goes by without news of an elite hacking team creating a more stealth exploit--malware, elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. With so many vectors of attack, it's easy to overlook the more basic tricks hackers use. The most common one is...
Twitter Hack
The personal Twitter accounts of Elon Musk, Barack Obama, Joe Biden, Bill Gates, Jeff Bezos, Kanye West, Warren Buffett in addition to the official corporate accounts of Apple, Uber, and Cash were hijacked for several hours July 15 in an apparent Bitcoin scam. Most of the messages requested a transfer of Bitcoin with a promise of doubling all payments made...
MGM data breach
The discovery of a database for sale on the dark web suggests the 2019 data breach of MGM Resorts was significantly larger than initially reported. Access to the database was made available on a dark web cybercrime marketplace for roughly $3,000. It contains the personal information of more than 142 million guests of MGM hotels, according to technology reporting site...