At a glance.
- Accellion supply chain compromise affects security firm.
- Telemarketing firm sustains data incident.
- Google changes ad-tracking policies.
- More reaction to the Malaysia Airline breach.
Qualys becomes newest Accellion breach victim.
Over the past few weeks, the CyberWire has been following the cyberattack that exploited a zero-day vulnerability in cloud solution company Accellion's popular FTA file transfer platform. The Clop ransomware group has taken credit for the attack, posting stolen files from various Accellion clients on the dark web in an effort to extort the victims. Now, Bleeping Computer confirms that the latest file screenshots posted on Clop’s leak site belong to US cybersecurity firm Qualys. While it’s unclear whether Qualys has received a ransom request, the company has shut down use of the FTA service. In a statement on their blog, Qualys explains that none of their systems were affected by the breach: “All Qualys platforms continue to be fully functional and at no time was there any operational impact.” Cybersecurity firm Mandiant has been enlisted to assist Qualys with the investigation.
CallX exposes client communication data.
Researchers at vpnMentor have uncovered a data breach stemming from CallX, a US telemarketing firm that provides technology to help other businesses to optimize their media purchasing. CallX has been using an unsecured, unencrypted Amazon Web Services S3 bucket to store 114,000 recordings of phone conversations and transcripts from text chats that took place between CallX clients and their customers. It’s worth noting that it’s likely the customers were unaware they were using CallX products to communicate, so they were also probably ignorant of the fact that they were being recorded. CallX was contacted by vpnMentor to notify them of the exposure and discuss solutions.
Google to halt individual user ad tracking.
In response to backlash from privacy advocates, tech giant Google has declared it will stop tracking individual users’ browser data for advertising purposes, instead opting to track users in anonymized groups, Vice reports. This decision comes on the heels of Google’s announcement that it will gradually phase out the use of third-party cookies in its Chrome browser. The new website tracking approach will collect aggregated data of users in demographic “flocks” based on similar interests. However, privacy groups like the Electronic Frontier Foundation don’t see this change as much of an improvement: “Today, trackers follow you around the web, skulking in the digital shadows in order to guess at what kind of person you might be. In Google’s future, they will sit back, relax, and let your browser do the work for them.” A UK antitrust inquiry is questioning whether the changes are actually Google’s attempt to further solidify its control over the online advertising market. But US consumer groups like Public Knowledge see the shift as a step in the right direction, as long as the federal government makes efforts to regulate privacy and ensure healthy competition.
More industry reaction to the Malaysia Airline data incident.
The Malaysia Air breach has drawn comment from Brad Keller, chief strategy officer at Shared Assessments. He notes that some of the information compromised serves a further role in identity management. "While this information may seem fairly benign," he wrote, "it serves as the basis for establishing an individual’s identity on any number of other systems. Thus, it can be used to create fraudulent accounts, it can be leveraged to gain unauthorized access to existing accounts, and it can be used to create phishing activity targeted at these individuals. The phishing implications cannot be overlooked, as the better an attack is able to target an individual using real information, the more successful it will be."