This podcast will give you a summary of the latest news related to cyber intelligence and proactive cyber security in only a few minutes.
The podcast is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.
The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand.
For a company that develops software, there are very strict guidelines in order to ensure that sensitive information is not leaked or accessed by unauthorized users.
it is especially challenging these days since many of what used to be internal protected network services is now need to be available online in order to enable work remotely.
The Nissan Motor Company, is a Japanese multinational automobile manufacturer headquartered in Japan.
The source code of mobile apps and internal tools developed and used by Nissan North America has leaked online after the company misconfigured one of its development servers.
Security expert revealed that Nissan placed one of the servers that control the source code of the company on the internet with its default passwords enabled which were admin and admin!
This is especially critical since it means in theory anyone could have connected to Nissan’s development server and pull the source code related to general company stuff like client retention and dealer details but more importantly, it seems the code related to connected car services was also stored there.
This rise many questions, was the source code modified by external attackers? are there backdoors in Nissan cars and car applications that control the cars?
The server was taken offline after the data started circulating in the form of torrent links shared on Telegram channels and hacking forums, which means many potential attackers had access to the server, and it’s probably possible to purchase it on the internet for a small fee.
Nissan responded saying: “The affected system has been secured, and we are confident that there is no information in the exposed source code that would put consumers or their vehicles at risk”.
Capcom, the game developer behind many popular games such as Resident Evil, Street Fighter, and Others, now says its recent attack compromised the personal data of up to 400,000 gamers.
Capcom, a Japan-based publisher of blockbuster games detected a breach During the end of 2020, Capcom said its personal, as well as corporate data, was compromised.
A group called Ragnar Locker claimed responsibility and said they had downloaded more than 1TB of corporate data, including banking details, contracts, proprietary data, emails and more.
Gaming is increasingly becoming a target for all types of cyberattacks.
Over the past several months, along with Capcom many other popular and big brands found themselves dealing with different cyber attacks.
Leading gaming companies are attractive to cybercriminals that aim to turn a profit by selling leaked insider-credentials.
The good news for Capcom customers is that the company doesn’t think any customer credit-card data was exfiltrated during the breach. The company goes onto reassure players it’s currently safe to play and purchase the company’s games online.
The company said its continuing efforts to investigate the matter with law enforcement and IT security specialists, adding its systems have largely recovered and the company will provide any additional updates.
Capcom is officially taking responsibility and sharing details as the investigation is moving forward.
It seems that capcom like many other companies is paying attention to the incident and constantly updating its clients in order to make sure everyone stays safe and un affected.
These days any service provider can be under attack and have sensitive data stolen.
Companies like capcom show that the right way to deal with it is by publicly disclose as many details as possible in order to prove to clients that they are worthy of their trust.
We can just wish that many more will adapt this attitude.
That’s it for this podcast, stay safe and see you in the next podcast.
Don’t forget to visit www.nucleoncyber.com for the latest podcasts on cyber intelligence.