Datarisk Digest – 6th Ed.

Hand-picked headlines from Datarisk Canada’s dedicated cybersecurity curators.


Claudiu’s Top Story

TORRENT FREAK: “The NFT Bay” Claims to Share Multi-Terabyte Archive of ‘Pirated’ NFTs

NFTs have become popular over the past year, with people paying up to millions of dollars to “own” these digital items. NFTs are stored as entries on a blockchain, and prove that the buyer is the legitimate owner of this digital item. Recently, however, a vast trove of NFTs has been uploaded to a website called The NFT Bay. This collection of NFTs is approximately 15 terabytes of data, and puts into question the true value of NFTs.

Read More


In the News

CTV NEWS: Ontario Investigating Potential Security Breach Associated with COVID-19 Vaccine Portal

Ontario authorities are investigating reports of a possible security breach associated with the provincial COVID-19 vaccine booking portal. The government has confirmed multiple reports of spam text messages sent to individuals who schedules appointments or accessed vaccine certificates through the COVID-19 immunization system. The government is working with partner ministries and provincial law enforcement to investigate these reports.

Read More


Data Breach

THE VERGE: Over a Million GoDaddy WordPress Customers Had Email Addresses Exposed in Latest Breach

GoDaddy has disclosed a security breach that gave an attacker access to more than 1 million email addresses belonging to the company’s active and inactive Managed WordPress users. The attacker allegedly gained access to a provisioning system two months before the intrusion was noticed. The hackers also gained access to the original WordPress admin passwords set by the provisioner and the credentials for active users’ databases and sFTP systems.

Read More


Ransomware

CNN NEWS: US Government Issues Thanksgiving Ransomware Warning

US officials are warning American businesses and organizations to be cautious of potential ransomware threats this Thanksgiving season. While there is no one specific threat, but ransomware attacks commonly happen on weekends and holidays, when organizations are short-staffed and potentially off-guard. CISA suggests identifying key IT security employees who can be on call in the event of a ransomware attack.

Read More


Smart Home Devices

THE WASHINGTON POST: Big Tech is Pushing Smart Home Devices as the Latest Work-From-Home Tools

The move to work-from-home activity has caused many to use their smart home devices (Amazon Echo or Google Nest, for example) as part of their work life; some workers ask their Google Assistant or Alexa to book meetings, fetch company information, or remind them about events. While this may add convenience to many workers’ lives, the question then becomes: at what expense to security and privacy does convenience come?

Read More


International

CLEAFY: SharkBot: A New Generation of Android Trojans is Targeting Banks in Europe

Security firm Cleafy has discovered a few Android banking trojan named SharkBot that does not belong to any known families. SharkBot’s goal is to initiate money transfers from compromised devices via Automatic Transfer Systems technique bypassing multi-factor authentication mechanisms. Once installed, SharkBot can help hackers gain access to banking information through Accessibility Services.

Read More


Want to stay informed about the latest in cybersecurity? Subscribe to our newsletter to stay in the know.

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on email