Backdoor Found in Children’s Smartwatch
Researchers have discovered that the X4, made by Norwegian smartwatch seller Xplora, contains a backdoor that could allow for information to be stolen. The X4 watch is designed specifically for children with a limited number of capabilities, mostly for children’s security. The backdoor, however, could allow attackers to take snapshots, view messages, call records, and access geolocational data from the wearer. The watches are designed and built in China and it remains unclear who has access to data created and stored on the devices.
Ransomware Strikes London Borough
The London borough of Hackney recently fell victim to a ransomware attack, taking several of the council’s primary services offline. While still little is known about the attack, it’s likely that encrypted files were also stolen for auctioning to the highest bidder. Council officials are working with law enforcement to determine the initial attack vector and information that may have been targeted.
Carnival Reveals Updates to Recent Cyberattack
Nearly two months after a ransomware attack compromised a third-party vendor for the Carnival Corporation, the company announced sensitive passenger information has indeed been exposed. An undetermined number of customers and employees may be affected across three Carnival cruise lines. With 150,000 employees worldwide, and upwards of 13 million customers, this data breach could be affect millions of individuals.
Ransomware Takes Aim at International Law Firm
International law firm Seyfarth Shaw has confirmed a ransomware attack targeted their systems over the weekend. While the extent of the attack remains unclear, several systems were forced offline after encryption was executed to stop additional spreading. Firm officials stated that no client information was stolen or illicitly accessed, but they are still operating without email or a live website. Some systems were saved from the attack but officials have yet to confirm if customers were affected by the breach.
Software AG Suffers Major Data Breach
German IoT specialist Software AG suffered a ransomware attack that was able to exfiltrate significant amounts of data. Officials have confirmed that, while they have been able to maintain online services throughout the attack, the malicious downloading of an unknown amount of sensitive data did take place. The attacking group has not yet been identified, but other attacks of similar scale have cost companies anywhere from $20 to $70 million in ransoms for the return of their data.