Yidun Business Risk Control Weekly Report weekly reports of noteworthy security technologies and events, including but not limited to content security, mobile security, business security and network security, to help enterprises be more vigilant and avoid these seemingly small but big ones that affect the healthy development of the business Security Risk.
1. The Ministry of Culture once again reviewed live broadcast and game products, and has removed 4,939 live broadcast applications
On April 17 , the State Administration of Culture and Tourism issued a document stating that it is conducting a law enforcement review of 30 online performance platforms and 50 online game collections.
For this time, the main purpose is to check whether there is any prohibited content in these products. Such as endangering social morality, advocating violence, gambling, superstition, obscene pornography, infringing minors, and streamers reviewing qualifications, etc. At present, 110 live broadcast rooms have been investigated for problems , and they will be investigated and dealt with in the future.
2. Beijing industry and commerce interview "Douyin": requiring timely blocking of illegal live broadcasts
Recently, in response to a public opinion report that the “Douyin” short video platform was suspected of releasing fake videos, the Haidian Branch of the Beijing Municipal Administration of Industry and Commerce conducted an interview with the platform operator, Beijing Weibo Vision Technology Co., Ltd. in a timely manner.
At the interview, the person in charge of the company gave feedback on the investigation situation, saying that the platform had taken measures to delete and ban the suspected illegal content on the platform. Up to now, a total of 805 videos have been checked and deleted , 677 accounts have been banned, and 67 groups of Tianji banned keywords.
3. TrueMoveH , Thailand's largest 4G mobile operator, suffered a data breach
As Thailand's largest 4G mobile operator TrueMoveH suffered a data breach, the data of 46,000 people on AWS was directly exposed online, including information such as driver's licenses and passports.
TrueMove H could face penalties for data breaches, a legal expert said, while security experts called on telecom operators to start introducing better data protection measures.
4. LG network storage devices have serious RCE vulnerabilities
Experts at security firm VPN Mentor have discovered a pre-authentication RCE (Remote Code Injection) vulnerability affecting most LGNAS devices that could allow attackers to gain maximum privileges on the device. LG has not released a security update for the vulnerability, and if you are a user of an LG NAS device, you should avoid exposing your device on the public Internet and protect it as soon as possible with a firewall that only allows connections from authorized IPs. In addition, experts at VPN Mentor also recommend that users should regularly check all registered users on their devices to step up their efforts to check for suspicious activity.
5.50,000 Minecraft users infected with malicious program that formats hard drives
Security firm Avast reports that nearly 50,000 Minecraft accounts have been infected with a malicious program that formats hard drives and deletes backups. The malicious code itself is not complicated. It is hidden in a modified game skin and uploaded to the official Minecraft website. Because it is hosted on the official domain name, when the security software pops up a warning, it may be considered a false positive by users.
Minecraft is one of the most popular sandbox games, with more than 74 million players worldwide as of January 2018, but the vast majority of players are still using the default skin, so there are not many victims of this malware.
6. Hackers use internet-connected fish tank thermometers to steal casino databases
Widespread IoT devices are increasingly becoming a weak link in security systems, vulnerable to being exploited by hackers and breaking into corporate networks. Nicole Eagan, CEO of cybersecurity firm Darktrace , has said that IoT devices expand the attack surface, while the vast majority of IoT devices are not covered by traditional defenses.
He disclosed a case at a conference in which hackers breached an unnamed casino network through a thermometer vulnerability in an internet-connected fish tank and discovered an important database containing all the casino's customer information. In the end, the hacker successfully dragged and stored the database to the cloud.
7. A quarter of data breaches are caused by company insiders
According to a recent Verizon Data Breach Investigations Report (DBIR) , 25% of all attacks for the year were caused by insiders, mostly seeking money, intelligence, or just a moment of negligence or misuse. The report also said that about 50% of data breaches were carried out by criminal gangs, and that 1 in 10 data breaches had the shadow of a state-backed hacking group. Financial interests, not surprisingly, continue to be the number one motive for cybercrime.
The healthcare industry is an industry with a particularly high risk of employee misuse of insider threats, such as hospital staff reading patient files out of curiosity or simply for fun. Verizon pointed to an increase in the number of external attacks that companies face, and an increasing number of external attacks are organized crime.
8. Microsoft ported anti-phishing mechanism to Chrome plugin
Microsoft recently released a Chrome extension called "Windows Defender Browser Protection", which can port the inherent features of Windows Defender and Edge anti-phishing technology to Google Chrome.
When users visit malicious links, the plugin will remind them with a red warning page. These warnings are very similar to those displayed by the Chrome browser (calling the native Safe Browsing API), but powered by Microsoft's database of malicious links (SmartScreen API). Benchmarks from NSS Labs showed that the Edge browser (using the SmartScreen API) caught 99% of phishing URLs in the test, while Chrome caught only 87%.