One of the worlds largest data breaches (sure, we say that every week...) took place in Ecuador last week.
NCSC have reported that Ecuador suffered the biggest data breach in its history this week after the records of 20.8m Ecuadorian citizens, including financial and car ownership records, were exposed online. That's most of its population.
The leak, which was reported by ZDNet, occurred after a data analytics company had left a server exposed without a password. This then meant that anyone could access the data.
The director of the company at fault has since been arrested by the Ecuadorian authorities, and at the request of the country’s President a planned new data privacy law has been brought forward.
Evasive Threats, Pervasive Effects.
Trend Micro have produced their midyear security roundup. It reinforces the concept of early detection to stop threat actors from gaining a foothold on our systems. This is based on the modern paradigm that we cannot always prevent them from gaining access in this first place.
One area of interest was the prevalence of file-less systems which, using advanced techniques, gained access through legitimate tools and whitelisted services.
Ransomware remains wide-spread and increasingly available for diverse criminal organisations 'as a service.' An initial method of intrusion for the malware is often spear phishing emails. An excellent summary table of Ransomware types is on page 6 of the report.