Cyber Threat Report: Cyber Security News for 09/08/23

Maker Of ‘Smart’ Chastity Cage Left Users’ Emails, Passwords, And Locations Exposed
A company that makes a chastity device that can be controlled by a partner over the internet exposed users’ email addresses, plaintext passwords, home addresses and IP addresses, and — in some cases — GPS coordinates, due to several flaws in its servers, according to a security researcher. Read More

Cyber Professionals Say The Industry Urgently Needs To Confront The Mental Health Crisis
There's a growing awareness about mental health across the industry, but many professionals say it's not enough. Read More

Thousands of Popular Websites Leaking Secrets
Popular websites are leaking their secrets, including .git directories and AWS and GitHub keys. Read More

Feds Publicly Name 130 Healthcare Firms Using Web Trackers
FTC, HHS Warn Hospitals, Telehealth Firms of Privacy Violations With Tracker Use Read More

Read the Fine Print: Top Cyber Insurance Considerations
It is increasingly important to carefully examine their cyber and other insurance policies to see what risks are and are not covered in the event of a cyber incident, as the threat landscape continues to evolve. Read More

Multiple Microsoft Failings Led To Chinese Hackers Stealing Cryptographic Key
An advanced persistent threat (APT) group it tracks as Storm-0558 had acquired and used a private encryption key to forge authentication tokens to access the cloud-based email accounts of at least two dozen organizations. Read More

AI abuse grows beyond phishing to multistage cyberattacks
This would dovetail with similar abuse of generative AI by criminals. In April, Darktrace reported a 135% uptick in “novel social engineering attacks” in what it believes is an abuse of platforms such as ChatGPT. Read More

API Vulnerabilities: 74% of Organizations Report Multiple Breaches
Within the past two years, 60% of organizations surveyed reported at least one breach, with a substantial 74% experiencing three or more incidents. Read More

The International Criminal Court Will Now Prosecute Cyberwar Crimes
The first case on the docket may well be Russia's cyberattacks against civilian critical infrastructure in Ukraine. Read More

Sec Cyber Disclosure Rules Put Ciso Liability Under The Spotlight
Security executives find themselves in the eye of the needle as governance and incident response come into focus. Read More

HEADLINE PRIVACY & IT SECURITY COMPLIANCE NEWS

Just last week, a significant cybersecurity concern emerged surrounding a chastity device designed for remote partner control. Researchers have identified a notable security flaw in this device, originally intended to be managed via a smartphone app. This vulnerability could potentially be exploited by malicious hackers to gain unauthorized access to the device, remotely lock it, and even track its physical whereabouts.

An escalating concern surrounds cybersecurity professionals, as they grapple with declining mental health in their field. The inherent nature of their work exposes them to ongoing virtual threats, unrelenting pressure to safeguard sensitive data, and persistently high-stress levels. Unfortunately, the field lacks adequate mental health resources and support, leading to a concerning rise in burnout cases. This underscores the pressing need for heightened awareness and comprehensive initiatives aimed at promoting the mental wellness of cybersecurity experts in an environment marked by escalating demands and high stakes.

Get in touch with us to learn more about how the team of experts at JANUS can help protect your business effectively. Follow us on Twitter and LinkedIn.