Insider Threats Unveiled: The Alarming TrendMicro Data Breach and Its Lessons
Insider Threats: The Hidden Cybersecurity Danger
In the world of cybersecurity, companies often focus on protecting against external threats. But what about the dangers hiding within? The recent case of a TrendMicro employee selling customer data to scammers is a stark reminder of the damage insider threats can cause.
The TrendMicro Incident: A Stark Warning
Earlier this year, TrendMicro, a well-known cybersecurity company, fell victim to an insider threat. The firm revealed that an employee had sold customer data to scammers, affecting around 68,000 customers. The breach was discovered in early August when customers reported receiving suspicious calls.
The Investigation and Consequences
After a detailed two-month investigation, TrendMicro confirmed that the incident was not due to an external attack but an insider threat. The stolen database included customer names, emails, support ticket numbers, and phone numbers. Luckily, no financial or credit card information was compromised.
The employee responsible for this breach was fired, their account was deactivated, and legal action was taken. However, TrendMicro decided not to reveal the employee’s identity to the public.
The Ongoing Threat to Cryptocurrency Exchanges
Insider threats aren’t the only concern in cybersecurity. Cryptocurrency exchanges have been under attack, with hackers stealing over $4 billion in just the first half of 2019. For example, a software issue in BitMEX, a popular cryptocurrency exchange, exposed the data of 23,000 users. The company advised users to change their passwords to reduce the risk.
Major Cryptocurrency Exchange Attacks in 2019
- Binance: Hackers used malicious software to get user data and stole $41 million worth of Bitcoin.
- Bitpoint: Attackers took over this Japan-based platform and stole $32 million worth of various cryptocurrencies.
- QuickBit: A MongoDB database error exposed the personal data of 300,000 customers on this Sweden-based platform.
- Cryptocurrency: An attack on this platform resulted in the theft of $13.4 million worth of EOS and $6 million worth of Ripple (XRP).
- Coinmama: This Israel-based platform suffered a data breach affecting 450,000 users, with hackers obtaining email addresses and password information.
Adobe’s Security Updates: A Necessary Safeguard
In November, Adobe released updates for several applications, fixing 11 security issues. Three of these were critical, and eight were high-severity. The affected software includes Adobe Illustrator 2019, Adobe Media Encoder, Adobe Bridge, and Adobe Animate.
Adobe Illustrator 2019
The security issues identified as CVE-2019-7962, CVE-2019-8247, and CVE-2019-8248 are memory corruption flaws in Adobe Illustrator 2019. Exploiting them could allow hackers to execute code remotely and take control of systems. Users are advised to update to version 24.0 to protect their systems.
Adobe Media Encoder
Adobe Media Encoder, free software used with Adobe Premiere Pro and Adobe After Effects, had a vulnerability in its video conversion process, identified as CVE-2019-8246. Additionally, vulnerabilities CVE-2019-8241, CVE-2019-8242, CVE-2019-8243, and CVE-2019-8244 stem from multiple file parsing flaws and lead to the exposure of user information. Only version 13.1 is affected by these vulnerabilities.
Adobe Bridge and Adobe Animate
Vulnerabilities identified as CVE-2019-8239 and CVE-2019-8240 in Adobe Bridge occur during the parsing of SVG images, leading to the exposure of user information. These vulnerabilities affect version 9.1, and users are advised to update to version 10.0. The vulnerability identified as CVE-2019-7960 in Adobe Animate (version 19.2.1) allows privilege escalation due to the loading of an unsafe library.
Amazon’s Ring Doorbell: A Potential Entry Point for Hackers
Ring, a smart wireless security device by Amazon, lets users control their doorbell over the internet. However, security researchers have found a critical vulnerability in the Ring device: an attacker listening to traffic during the device setup phase can obtain the WiFi password of the connected network. Users are advised to apply the latest update to fix this vulnerability.
For more information on cybersecurity threats and protection measures, visit the Cybersecurity and Infrastructure Security Agency website.