This week, we saw one of the more damaging security breaches of a popular third-party authentication vendor: OneLogin reported that a set of their AWS keys had been compromised and customer credentials stolen. In an email to its customers, OneLogin advised them to generate new credentials for everything, no small feat for some enterprises.
In another case of blackmail, cyber-criminals broke into a plastic surgery clinic and released private photos after attempting to extort Bitcoins from the clinic and its patients.
As hacking becomes mainstream entertainment for the masses with a new reality TV show, Google announces its second annual capture the flag (CTF) event. Meanwhile, in the real world, US Senators introduced a bill to establish a bug bounty program for the DHS, and sensitive DoD data was discovered on AWS due to poor security practices by a leading government contractor.
Over in Russia, President Putin commented that “If they (hackers) are patriotically-minded, they start to make their own contributions to what they believe is the good fight…”.
As the next set of ShadowBrokers leaks goes on sale with their Dump of the Month Service, an attempt to crowdsource the purchase of the exploits was retracted following the advice of various attorneys, law enforcement, and comments from security pundits.
In other news, the Mary Meeker Annual Internet Trend report was released. This comprehensive report includes a little of everything for everyone, including how digital advertising on mobile is surpassing desktop while adblocking software continues to rise; a focus on digital health; competition among cloud providers; China; and more.