InfoSecSherpa Newsletter — 10 June 2021
3 min readJun 10, 2021
- China-based hackers luring Indians into fake Tata Motors scam
(ET CIO, 10 June 2021)
Cyber-security researchers in India on Thursday said they have discovered a malicious free gift campaign pretending to be an offer from Tata Motors that is collecting users’ data, and the campaign has been traced to China-based hackers. - Defending against cyberattacks in Idaho
(KTVB, 09 June 2021)
The state of Idaho, like other major government entities, has been targeted in the past with cyber and hacking threats. That resulted in then-Gov. Butch Otter appointing the state’s first information security director, an indication that Idaho was very serious about digital threats. - There is No Separating Physical and Cybersecurity Risk
(Security Info Watch, 09 June 2021)
It is more important than ever that there be a convergence of practice and responsibility between physical and cybersecurity when it comes to protecting the Crown Jewels of corporate America — brand and data. - How Secure is Your Security Data Lake?
(Bank Info Security, 09 June 2021)
Cloudera’s Carolyn Duby on New Approaches to Securing SOC Data. - Stripe Launches Global Tax Compliance Service
(PYMNTS, 10 June 2021)
Stripe launched its own tax compliance service for businesses in more than 30 countries around the world Thursday (June 10), the FinTech announced in a press release emailed to PYMNTS. - Are The FBI’s ‘Most Wanted’ Chinese Spies Hacking The Airline Industry?
(Forbes, 10 June 2021)
But a cybersecurity company is now claiming, with “moderate” confidence, that a prolific Chinese government-sponsored espionage and cybercriminal group known as APT41 was to blame for the Air India breach. - Disengaged Employees Could Become Your Organization’s Greatest Security Threat
(InfoSecurity Magazine, 10 June 2021)
Not only are disengaged employees more susceptible to outside manipulation, they are more likely to leave systems vulnerable due to negligence, and are at greater risk of leaking sensitive company information. - Machine Learning Basics Everyone Should Know
(Information Week, 10 June 2021)
Artificial intelligence, machine learning, deep learning, neural networks. ML terms are often used synonymously, but their differences are important to understand. - Qatar’s Al Jazeera Network Says It Fought The Cyber Attack
(Bollyinside, 10 June 2021)
“Al Jazeera’s service provider was able to monitor and fend off all the hacking attacks and prevent them from achieving their goal,” it said in the late Wednesday statement. It said the peak of the attacks came on Sunday ahead of a documentary described on Al Jazeera’s Arabic YouTube channel as detailing indirect negotiations between Israel and Palestinian militant group Hamas, which included a voice recording purportedly of an Israeli held prisoner in Gaza. - Mystery malware steals 26M passwords from 3M PCs. Are you affected?
(Ars Technica, 09 June 2021)
Researchers have discovered yet another massive trove of sensitive data, a dizzying 1.2TB database containing login credentials, browser cookies, autofill data, and payment information extracted by malware that has yet to be identified.
