North Korea, iOS hacking and PornHub's malware fling: This week in cybersecurity
IBTimes UK tech team brings you some of the best security stories of the week.
There is never a dull moment in the world of cybersecurity.
This week, global consultancy firm Accenture was widely lambasted for leaving troves of sensitive data exposed on unprotected cloud servers. Meanwhile, stealthy North Korean hackers emerged from the digital shadows to hijack South Korean military secrets.
In one of the most shared stories on IBTimes UK this week, cybersecurity experts found strong evidence that hackers had exploited PornHub – one of the most popular adult websites in the world – in order to serve up advertising malware. Additionally, troubled credit monitoring firm Equifax stumbled into another mess.
Here is IBTimes UK tech team's pick of the biggest cybersecurity stories of the week:
Equifax's website served up malicious adware disguised as a Adobe Flash Player
Equifax was forced to take down a webpage that offered credit report assistance after third-party code on it directed visitors to download and install adware disguised as a fake Adobe Flash Player update. Previously, the firm lost 145.5m US records.
Would you fall for this iOS phishing scam? Rogue pop-ups hijack Apple passwords
How do you steal someone's Apple ID password? Well, have you tried asking nicely? That was the approach taken by Apple iOS code researcher Felix Krause, who this week (Tuesday 10 October) published a blog post showing just how easy it was to steal victims' personal credentials.
Accenture's 'keys to the kingdom' left exposed via unsecured cloud servers
It emerged that Accenture, one of the world's biggest consultancy firms, left at least four cloud storage servers containing highly sensitive decryption keys and passwords exposed to the public, without any password protection. It was found online by UpGuard.
North Korea hackers stole US-South Korea war plans on 'decapitating' Kim regime
North Korean hackers were suspected to have hacked, stolen and leaked a massive trove of military secrets belonging to rival South Korea. The stolen data, estimated to be around 235 GB, included secret Seoul-Washington plans detailing procedures on how to handle an all-out war.
Hackers target 'millions of PornHub users' worldwide with booby-trapped advertising
The one that everyone noticed: Millions of internet users in the US, Canada, UK and Australia were targeted by a hacking group called KovCoreG which took advantage of PornHub, one of the world's most visited adult websites, to spread booby-trapped downloads posing as updates.
Hyatt Hotels data breach: Hackers accessed visitors' credit card info from 41 hotels
Hyatt Hotels discovered that its payment systems were breached, exposing visitors' payment card information from 41 hotels in 11 countries earlier this year. The hospitality giant said that its cybersecurity team found signs of unauthorised access to customers' card data.
Disqus hacked: More than 17.5m users' details stolen by hackers in 2012 data breach
Lastly, Disqus revealed that hackers stole details of more than 17.5m users in a major data breach back in July 2012. The company, which provides a web-based plugin for websites and blogs, said the stolen data included usernames, sign-up dates and last log-in dates in plain text format.
