Backdoor Found in Children’s Smartwatch
Researchers have discovered that the X4, made by Norwegian
smartwatch seller Xplora,
contains a backdoor that could allow for information to be stolen. The X4 watch
is designed specifically for children with a limited number of capabilities, mostly
for children’s security. The backdoor, however, could allow attackers to take
snapshots, view messages, call records, and access geolocational data from the
wearer. The watches are designed and built in China and it remains unclear who
has access to data created and stored on the devices.
Ransomware Strikes London Borough
The London borough of Hackney
recently fell victim to a ransomware attack, taking several of the council’s
primary services offline. While still little is known about the attack, it’s likely
that encrypted files were also stolen for auctioning to the highest bidder.
Council officials are working with law enforcement to determine the initial
attack vector and information that may have been targeted.
Carnival Reveals Updates to Recent Cyberattack
Nearly two months after a ransomware attack compromised a third-party
vendor for the Carnival
Corporation, the company announced sensitive passenger information has indeed
been exposed. An undetermined number of customers and employees may be affected
across three Carnival cruise lines. With 150,000 employees worldwide, and
upwards of 13 million customers, this data breach could be affect millions of
individuals.
Ransomware Takes Aim at International Law Firm
International law firm Seyfarth
Shaw has confirmed a ransomware attack targeted their systems over the
weekend. While the extent of the attack remains unclear, several systems were
forced offline after encryption was executed to stop additional spreading. Firm
officials stated that no client information was stolen or illicitly accessed,
but they are still operating without email or a live website. Some systems were
saved from the attack but officials have yet to confirm if customers were
affected by the breach.
Software AG Suffers Major Data Breach
German IoT specialist Software
AG suffered a ransomware attack that was able to exfiltrate significant
amounts of data. Officials have confirmed that, while they have been able to
maintain online services throughout the attack, the malicious downloading of an
unknown amount of sensitive data did take place. The attacking group has not
yet been identified, but other attacks of similar scale have cost companies
anywhere from $20 to $70 million in ransoms for the return of their data.