15 Security breaches Worldwide - Week 18, 2019
Be informed about the latest 15 Security breaches Worldwide, identified and reported publicly during Week 18, 2019. As these security-related breaches have a severe negative impact on any business, consider a security AUDIT to prevent any similar cases.
- Telemetry from network traffic for the first quarter of this year shows that businesses are still the prime targets of hackers.
- Emotet and ransomware are growing. Also, the amount of hidden cryptomining that has moved from individual users to corporate accounts has increased. All this means that overall user trust in business use of their private data has reached new lows. Cybercrime Tactics and Techniques 2019: Q1 Report
- Another hacker is using GitHub projects to run scripts to collect credit cards skimmed by Magecart malware.
- Hundreds of ecommerce websites running Magento are running these scripts, which were discovered by security researchers and quickly removed by GitHub. That doesn't stop the hackers from trying to inject new skimmer scripts. Make sure your CMS plug-ins are at current patch levels and check your user authentication records and policies. GitHub-Hosted Magecart Card Skimmer Found on Hundreds of Stores
- Here are three useful things you can do to prevent account takeovers.
- Use biometric authentication, implement adaptive or step-up MFA, and integrate security with the overall UX. 3 Things You Can Do to Prevent Account Takeovers
- Varonis analyzed more than 700 custom risk assessments that looked at more than 50B files.
- They do this annually to spot trends and find data vulnerabilities. This year’s report found that more than half the companies had over a thousand sensitive files that were available to every employee in the organization, and 15% of the companies had more than a million folders available to everyone. More than a third of users had non-expiring passwords, which is a big jump from last year’s report of only 10%. And more than half the companies had more than a thousand inactive user accounts. 2019 GLOBAL DATA RISK REPORT FROM THE VARONIS DATA LAB (pdf)
- In advance of its anticipated IPO, Slack has filed its S-1 stating that cyber attacks by nation-state actors could be a major risk.
- While S-1s are usually peppered with all sorts of dire warnings, this one was somewhat unusual. They said it was virtually impossible for them to mitigate these risks, despite their security measures. Slack warns investors of a high risk of cyber-attacks impacting stock performance
Discover trending and viral stories about Security breaches Worldwide. The remaining Security breaches made news headlines. All of these happened in just the last week.
- A church has had $1.75M stolen using a phony email that purported to be from the church’s construction contractor.
- This probably originated from a phished email that tricked staffers into sending the funds to the wrong account. The Saint Ambrose Catholic Parish in Ohio acknowledged the loss and asked the FBI to investigate. another catholic disaster
- A new report analyzed 100 different email-based fraud attacks on finserv companies over the past two years.
- The number of attacks is growing and increasingly using imposter techniques. More attacks are sent on Mondays than any other day of the week. Quarterly Impostor Email Attacks Aimed at Financial Services Organizations Increased More than 60% Year-Over-Year
- A report found that almost two million different webcams and smart doorbells have major vulnerabilities allowing hackers to spy on you.
- Most of them are in China and the EU. The issue is that these devices are set to enable P2P remote access by default. Hundreds of brands are at risk, using a common component called iLinkP2P, developed by a Chinese vendor (and different from UPnP). You can check your UID prefix to see if your devices are in the list. At the very least, you should block outbound traffic on port 32100. Device vendors were notified back in January but never responded with any fixes. Security cameras vulnerable to hijacking
- Italian and German users have been targets of new spam campaigns dubbed JasperLoader.
- It infects PCs in several stages that are designed to obscure its activities, including the use of Visual Basic macros and phony certs. Its ultimate goal is to deliver the Gootkit banking trojan now and perhaps other malware in the future. JasperLoader Emerges, Targets Italy with Gootkit Banking Trojan
- A new cryptojacking campaign is hitting Chinese users.
- It is called Beapy and is based on NSA exploits and stolen credentials. It begins with a malicious Excel email attachment which has a DoublePulsar backdoor. Then a PowerShell command downloads the coinmining routine. Beapy: Cryptojacking Worm Hits Enterprises in China
- Another new Windows backdoor is called ExtraPulsar, because it also uses the NSA’s DoublePulsar exploit for SMB v.1 file shares.
- It tricks Windows into loading the malware to run as a kernel driver and grant network access to your PC. Most current endpoint products block these rogue drivers, but still, it is overdue to disable SMB v.1. ExtraPulsar backdoor based on leaked NSA code – what you need to know
- Researchers last week found an online database, without any password protection, containing particulars on 80M American households.
- It was taken offline yesterday. The data has personal details including occupants’ incomes and email addresses but not SSNs or payment card details, and a screenshot of a typical redacted record is shown here. The researchers believe it is the largest breach of such explicit information and could make it easier for ID thieves to impersonate you. It wasn’t clear who owned the data. Report: Unknown Data Breach Exposes 80 Million US Households
- You don’t often hear about how Macs can be infected with malware.
- This post goes into detail on what is now called the WindShift exploit, which uses malicious websites that download payloads to trigger a custom URL, which results in downloading the actual malicious app. Middle East Cyber-Espionage