24 Security breaches Worldwide – Week 15, 2019
Be informed about the latest 24 Security breaches Worldwide, identified and reported publicly during Week 15, 2019. As these security-related breaches have a severe negative impact on your business, consider a security AUDIT to prevent any similar cases.
- A darkweb marketplace called Genesis is selling digital masks of end users to carding criminals.
- These are used to defeat anti-fraud systems because they contain each victim’s online buying history, computer screen size, and other information from their browsers and cookies. One researcher calls this the next generation of carding after finding these transactions online. (Source: How crooks use your doppelgangers to pay with your card)
- The Exodus spyware originally developed for Android devices is now infecting iOS too.
- This was accomplished by abusing the Apple Developer Enterprise program’s cert. It can access contacts, audio recordings, photos and videos from its victims. Apple neutralized the app once researchers published details about the malware. (Source: A powerful spyware app now targets iPhone owners)
- NATO conducts its annual Locked Shields live-fire cyber exercise that once again threatens the fictional country of Berylia.
- There will be 1,000 participants from 30 different countries operating the Estonian Cyber Range. (Source: Locked Shields is a unique international cyber defence exercise offering the most complex technical live-fire challenge in the world)
- The front-end and open source web framework called Bootstrap-Sass has been infected with malware based on a compromised version of RubyGems.
- While both are quite popular, the issue was spotted quickly and fixed after about a thousand users had downloaded the malware. Upgrade to v.18.104.22.168 asap. (Source: Bootstrap supply chain attack is another attempt to poison the barrel)
- Those sextortion scammers are getting more sophisticated.
- They have lowered their ransom demands in the hopes of getting more victims to pay and also hidden their malware through multiple layers of encryption, passwords and programming. (Source: Big change in the plague of Blackmail, Sextortion Scam attempts)
- Two WordPress-related malware strains have made the news.
- The first is called the GoBrut botnet. It is a more dangerous variant of the ELF family that expands its attack surface to both Windows and Linux systems. The other exploit involves the WordPress Duplicate-Page plugin and could affect 800,000 websites. If you use it, please update to v.3.4, which has the fix that prevents stolen data and potentially admin access to your site. (Sources: GoBrut Botnet ELF Variant and New C2 Discovered; SQL Injection in Duplicate-Page WordPress Plugin)
- Dropbox has paid out bug bounties for hundreds of vulnerabilities, for a total of more than $300k.
- One of the participants was the appropriately named Jack Cable, a Stanford CS student who has racked up several hundred bounties by himself. This came from a hackathon in Singapore last week run by HackerOne. (Source: Dropbox uncovers 264 vulnerabilities in HackerOne Singapore bug hunt)
- This post describes how a company got hit with the IEncrypt ransomware and how it proceeded.
- It all started with a phished email, and within a week attackers had gained control over the corporate network, encrypting files on hundreds of endpoints. The company paid the ransom and was able to decrypt its files. The post describes further forensic analysis that is worth reading. (Source: IRESPONSE TO IENCRYPT)
- Tomorrow is an important election in Israel, and there are claims of a major data breach in its voting registry.
- It could be old data that was leaked back in 2006, and authorities are investigating. It is part of an annual hacking campaign by various groups around the world. In the past, these campaigns haven’t had much success. In other news, Twitter has suspended dozens of suspicious accounts run by a Chinese group that has political messages posted in Hebrew. The group believes Jesus has been reincarnated as a Chinese woman living in Queens. Yes, you read that correctly. (Sources: Hacker’s Claims of Breaching Israeli Voter Registry Under Investigation; Israel Election: Twitter Suspended Dozens Of Hebrew-Language Accounts Run By A Strange Chinese Religious Sect)
- If anyone should know about credential stuffing attacks, it would be Akamai.
- Last year it reported almost 30B attacks. That works out to hundreds of millions of them daily. The largest targets were video media and other entertainment companies. These attacks are on the rise thanks to automated construction kits that are sold online for just a few dollars per stolen credential. (Source: Credential Stuffing: Attacks and Economies, pdf – Volume 5, Special Media Edition)