The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
Hackers Threaten to Lock 200M+ iCloud Accounts
Hackers are threatening to remotely lock down over 200 million iCloud accounts. Webroot Senior Threat Research Analyst, Tyler Moffitt told SC Media that this may be a bluff. We’ll wait and see on this one since all we have to go off of is the hackers’ word and a few screenshots. We’ll know more as the ransom deadline of April 7th approaches.
American Farmers are Hacking Their Tractors
This isn’t our usual data leak or ransomware attack, it’s black market tractor hacking. Farmers are taking things into their own hands in an effort to thwart manufacturer blocks on their farming equipment. These blocks are an attempt to prevent farmers from going to cheaper, “unauthorized” repair shops to maintain their vehicles. Farmers are starting to hack their equipment with Ukrainian Firmware so they can fix their tractors when they need to and at an affordable price.
ISPs Now Allowed to Sell User Browsing History to Advertisers
It just wouldn’t be the Cyber News Rundown without a new government data leak or citizen privacy battle. The US Senate has voted to eliminate broadband privacy rules that require ISPs to obtain customer consent before selling any sensitive information with advertisers. The vote was split equally down the party lines, and now only a House vote or Presidential veto could stop the roll-back of the privacy rules. The data in question is extremely valuable as major corporations could use it to pattern out an individual’s entire day, based on their Internet usage, purchases made, and places visited.
UK Mobile Data Breach Leaves Customers Stunned
Customers at Three UK found a surprise when signing into their accounts, a breach of privacy where they’d see a stranger’s personal information and call history. The cause of the breach hasn’t been announced but this is their second data exposure within a few months. Although the Three UK breach only affected a small percentage of their 9 million customers, I’m guessing back-to-back data leaks are not helping their retention rates.
McDonald’s Delivery App Vulnerabilities
The McDonald’s India-exclusive app service, McDelivery, is currently under fire for an API leak that has exposed millions of users. The vulnerability was originally reported to McDonald’s in early February and is still unpatched. While reporting these types of breaches isn’t mandatory in India, you’d think the sheer number of users who could be negatively impacted would motivate McDonald’s to release an update. I guess I wouldn’t mind people knowing how often I order off the dollar menu either — but having access to my phone number and address is another story.