Major Pentagon Data Leak Through Downloadable Amazon S3 Servers

This week, the Alert Logic team highlights the Major Pentagon Data Leak and how a New Malware Campaign is Threatening WordPress Installs.

Data Breach

Major Pentagon Data Leak Through Downloadable Amazon S3 Servers

The Pentagon accidentally leaked their data online which suggested that the organization has been monitoring users via their social media. The data leak was discovered by a cyber security expert, Chris Vickery, from the cybersecurity firm, UpGuard, who stumbled on three separate downloadable Amazon S3 servers, containing at least 1.8 billion internet posts from various sources collected over an 8-year period. The discovery dates back to early September and the U.S. Defense Department has since confirmed this exposure to CNN.

References:  Major Pentagon Data Leak Exposes Thousands of Social Media Posts | US Pentagon Data Leak: Information Was Accessible Through Amazon Server

 

Mitigation Strategies:

Malware

New WordPress Malware Campaign Discovered By Researchers from Sucuri Threatening WordPress Installs

A new WordPress malware campaign is threatening WordPress installs, the malicious code tracked as wp-vcd hides in legitimate WordPress files and is used by cyber attackers to add a secret admin user and gain full control over infected websites. Recently discovered by researchers from the firm Sucuri, this cyber attack leverages flaws within outdated plugins and themes.

References: Experts Observed A New Wave of wp-vcd Malware Attacks Targeting WordPress Sites | Wordpress is Still Infected

Mitigation Strategies:

Security Insights

This Week's Suspicious IP Addresses

60.191.49.187 133.34.251.34
185.94.111.1 185.35.63.130
149.3.181.65 185.35.63.131

*IP addresses provided by Recorded Future.