Introducing a new weekly feature to our blog called ThreatWatch: A Weekly Roundup of the Best Fraud and Security Stories from around the Web. Each week we'll choose a handful of news articles from the reporters we follow who write about the threat landscape - whether it's a newly discovered security breach or insight into how new technologies and systems are being utilized to make the Web safer for consumers.
A bug in iCloud’s end to end security could have exposed users’ passwords, credit card numbers and any other personal information on file. The bug was able to bypass the user verification process that iCloud had in place.
Organizations all over the world are still being affected by Petya, with some companies’ systems still yet to return to normal, while others are reeling from a financial hit. The article references FedEx who says they might not be able to recover all of their systems after the attack and have taken a huge financial hit. It’s still unknown as to who was behind Petya and why they wanted to cause so much damage and data loss.
Ericka Chickowski at Dark Reading examines the potential of AI to detect new threats: one researcher at Black Hat is “showing off a new automated AI agent that probes the data science behind machine learning malware detection models and looks for mathematical weaknesses.” He claims that all machine learning models have blind spots and the best way to defeat attackers is to beat them at their own game. For instance, to stop a bot from attacking, you must use an artificial agent to attack back and stop it.
In what is being called one of Europe’s largest data breaches ever, 400,000 Italian bank accounts were accessed this week. This is the second attack on UniCredit within the last ten months. Security experts warn that UniCredit needs to take a hard look at their current security practices and take a more layered approach to prevent future breaches that might damage their brand.