Cyber Threat Report

Cyber Threat Report: Cyber Security News for 07/20/22

TikTok Engaging in Excessive Data Collection
Connecting to mainland China-based infrastructure, the latest report identified multiple instances of unwarranted data harvesting. Read More

What These Two Companies Learned From Their Cyberattack Experiences
Some form of cyberattack at your company is almost inevitable these days. Here's what the two organizations learned from their experiences. Read More

Juniper Networks Patches Over 200 Third-Party Component Vulnerabilities
Juniper Networks last week published 21 security advisories to inform customers about more than 200 vulnerabilities affecting its products. Read More

Critical Infrastructure Operators Implementing Zero Trust in OT Environments
A survey finds that 41% of critical infrastructure operators are in the early stages of zero trust implementation and 88% have taken some steps towards zero trust. Read More

Microsoft: 10,000 Organizations Targeted in Large-Scale Phishing Campaign
Office 365 users at over 10,000 organizations have been targeted in attacks that have been spoofing the Office online authentication page, since September 2021. Read More

Financial Firms Failing to Fix Authentication Breaches
As many as four in five financial services organizations had experienced a breach where authentication weaknesses were a factor. However, 63% failed to update their authentication systems after the attack. Read More

Langevin Amendment to Boost Cyber Defenses for Critical Infrastructure Wins House Approval
An amendment that includes cyber protections to defend “systemically important” critical infrastructure, won adoption in the U.S. House of Representatives. Read More

Rhode Island Sewer-System Operator Hit by Cyber Attack
The systems hit by the attack are not ones that control the operation of the sewage system. Read More

New MacOS Backdoor Communicates Via Public Cloud
It leverages pCloud, Yandex Disk, and Dropbox to receive commands and exfiltrate files. Read More

Headline Privacy & IT Security Compliance News

In a recent report done by Internet 2.0’s head security engineer Thomas Perkins, the popular social media app, TikTok, was revealed to be participating in unwarranted data collection. Connecting to the mainland China-based infrastructure, information such as; device mapping, hourly monitoring of device location, persistent calendar access, continuous requests for access to contacts, and device information, are reportedly being collected. Internet 2.0 speculates that the purpose for collecting this information was data harvesting.

It’s estimated that 45% of US companies have suffered some form of a data breach within the past year. In this week’s spotlight article, companies Break Free Academy and GDI Insurance Agency recall their encounters with cyberattacks. In more detail, the two businesses explain how the cyber incidents affected their businesses and the safety measures they take moving forward.

Get in touch with Chris Kniffin, Corporate Director, to learn more about how the team of experts at JANUS can help protect your business effectively. Follow us on Twitter and LinkedIn.