The Latest 45 Security breaches Worldwide – Week 19, 2019

The Latest 45 Security breaches Worldwide - Week 19, 2019

45 Security breaches Worldwide – Week 19, 2019

Be informed about the latest 45 Security breaches Worldwide, identified and reported publicly during Week 19, 2019. Security-related breaches have a severe negative impact on any business, consider a security AUDIT to prevent any similar cases.





  • Retefe is a banking Trojan that is on the rise in Switzerland and Germany last month.
    • It is hitting both Windows and Mac targets. It has updated tactics, a new loader and infection vector that uses a phony shareware utility called Convert PDF to Word. 2019: The Return of Retefe


  • Here is a technical explanation of how Facebook intentionally circumvented its own privacy controls to share data with its partners and how apps can make tons of cash selling this supposedly private data.
    • Along the way, the company took advantage of regulators’ ignorance of its technology to sell your data by ignoring everyone’s sharing settings. “Zuckerberg calling for a new era of true data portability is no different from the meth dealer demanding the keys to the drug locker.” Deceit By Design: Zuck’s Dirty Secret He Doesn’tWant You To Know

  • A new malware encyclopedia is now out from CheckPoint devoted just to MacOS exploits.
    • You can dig deeper into how the code works, links to signatures, events and samples. This should finally put to rest that Macs are immune from malware. macOS Malware Encyclopedia

  • Coinminers are still very much with us, even though one of the major players, Coinhive, was taken down in March.
    • Researchers are still seeing remnants of its malware code on tens of thousands of computers, trying to phone home unsuccessfully. Coinhive’s major competitor, CryptoLoot, is still active with 1 million daily requests across the Internet. Cryptojacking in the post-Coinhive era

  • More than 50,000 customers of SAP are open to attack, according to researchers.




  • Barracuda researchers have revealed a startling rise in account takeover.
    • A recent analysis of account-takeover attacks targeted at Barracuda customers found that 29 percent of organizations had their Office 365 accounts compromised by hackers in March 2019. More than 1.5 million malicious and spam emails were sent from the hacked Office 365 accounts in that one month! Threat Spotlight: Account Takeover


  • Implementations of several versions of OpenPGP and S/MIME have vulnerabilities in their email signature verification code that could allow for spoofing of the messages.
    • A team of German academic researchers found five different attack methods among 14 different email clients. They label the effort “Johnny You Are Fired” and propose a series of mitigations, most of which have already been implemented by the email vendors. Artifacts for the USENIX publication

  • Malware is more frequently designed to detect and evade sandboxes, which are often used by researchers.



  • A major German IT infrastructure provider has been hit by hackers.

 


Protect your WordPress: BEFORE IT’S TOO LATE! You will also protect your customers, your reputation and your online business!

Discover trending and viral stories about Security breaches Worldwide. The remaining Security breaches made news headlines. All these happened just last week.





  • Yesterday the latest Verizon 2019 Data Breach Investigations Report was released.
    • It contains information on more than 2,000 confirmed data breaches seen during 2018, taken from more than 70 different reporting sources and analyzing more than 40,000 separate security incidents. 2019 Data Breach Investigations Report (pdf)

  • Hackers were able to steal the equivalent of $45M+ from the Binance cryptocurrency exchange.
    • The bitcoins were removed by phishing and malware, and the company pledged it would reimburse the rightful account owners. This blog post announced a temporary suspension of deposits and withdrawals (but not trading), explains what happened and how the exchange is dealing with the theft. Binance Security Breach Update

  • The city of Baltimore, Maryland suffered a RobbinHood ransomware attack on May 7 that knocked out the majority of city servers and some government applications.


  • A massive SMS spamming operation was uncovered, containing data on 80M people.




  • ISPsystem is a web-based control panel used by numerous hosting providers and their customers.
    • Researchers found several bugs that could allow hackers to hijack sessions and take control over a user’s websites. The company fixed the problem and issued a patch with v.5.178.2, and users should upgrade. Vulnerabilities in ISPsystem


  • the median number of days to discover an external cyber intrusion dropped from 83 days in 2017 to 55 days in 2018.
    • According to a new report from Trustwave. While that is good news, the evidence of some attackers wasn’t found for more than a year. And to make matters worse, the portion of all incoming email that was spam rose from a third of all messages in 2017 to close to 90% last year. 2019 Trustwave Global Security Report (pdf)

  • Malware writers are using various cloud services to hide their command infrastructure and code.
    • This post summarizes two of these methods nicely. For example, tech support scams are being hosted on IaaS object stores, using arbitrary host names to make them harder to spot. And G Docs are being used to create phishing templates and hide the malicious URLs behind them. This means defenders will have to up their game on content filtering and use better analysis to figure these ploys out. Old Scams Getting New Life in the Cloud


  • Chrissy Morgan has posted the recording of an hour-long talk on responsible disclosures she recently gave at Le Tour Du Hack.
    • She discusses the context of some significant disclosures and what researchers did correctly and incorrectly. Le Tour Du Hack 2019: The Good, The Bad And The Ugly Of Responsible Disclosure – Chrissy Morgan



  • GPS apps to locate equipment and employees
    • The U.S. Global Positioning System, part of a network of global navigation satellite systems (GNSS), is vulnerable to attacks that could disrupt many industries. Here’s how it works and what you can do to mitigate its risk. What is GPS spoofing? And how you can defend against it

  • Chinese state-sponsored hackers acquired Eternal Synergy and Double Pulsar hacking tools from the NSA.

  • Ransomware is now so common that it is even a subject of a segment on this week’s 60 Minutes.
    • But a new ploy is leveraging Git-based services that replace various source code repositories with a ransom note. Poor password hygiene is the cause. The files aren’t deleted– just their headers– and can be restored. Almost 400 projects have been affected so far. A hacker is wiping Git repositories and asking for a ransom

  • Attackers are using shell_exec function to kick off Cron jobs to add malware backdoors.
    • What is intriguing about this attack is that the hackers are storing their commands in a DNS TXT record. Cronjob Backdoors


 


 

Get Healthy, Stay Healthy: A healthier online business starts today and it begins with you!

Do you have any concerns with Security breaches? Leave your thoughts in the comments below!

Related Posts

Leave a comment

Do NOT follow this link or you will be banned from the site!