18 Security breaches Worldwide - Week 22, 2019
Be informed about the latest 18 Security breaches Worldwide, identified and reported publicly during Week 22, 2019. As these security-related breaches have a severe negative impact on any business, consider a security AUDIT to prevent any similar cases.
- A reporter was able to account for more than 5000 different tracking apps operating sub rosa on his iPhone.
- If you ever wondered why your battery life drops when you are sleeping, now you know. Yelp is one of the worst trackers and you might want to delete it. While you’re sleeping, your iPhone stays busy — snooping on you
- One of the largest real estate title companies has been using extremely poor security for years.
- One website operated by First American Financial Corp. had designed their database so that anyone who knew the URL for a valid document could view other documents easily. These documents contain SSNs, bank accounts, and other personal financial data. Hundreds of millions of files could have been accessed. The company acknowledged a “design defect” and removed the website to work on a fix. First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records
- Julian Assange faced new charges last week, including violations of the Espionage Act.
- He is one of the few civilians ever cited. Since 1945, this act has been used 11 times to prosecute government employees who shared classified information with journalists, with seven cases brought under Obama’s term, including Chelsea Manning and Edward Snowden. WikiLeaks’ Assange charged under the Espionage Act in a ‘major test case’ for press freedom and What You Should Know About the Espionage Act
- Australian online photo editing company Canva has been hacked by GnosticPlayers.
- More than 139M users’ details have been leaked online and they appear to be legitimate credentials. This is the same group that now claims to have leaked a billion credentials since February. Canva quickly detected the breach and corrected the problem. Australian tech unicorn Canva suffers security breach and Hacker Who Previously Sold Stolen Data Online Claimed Responsibility Over Canva Breach
- Equifax’s bond rating was downgraded last week by Moody’s service.
- It is the first time Moody's has done so because of a security breach. Moody’s noted that Equifax still needed to make infrastructure improvements to address systemic security weaknesses since the 2017 breach and resulting lawsuits. Equifax Is Finally Getting Kicked in the Money Bags Due to Its Disastrous 2017 Hack and MOODY’S REVISES EQUIFAX OUTLOOK POST-BREACH
- ZScaler examined a month of its network telemetry in this report.
- It shows the most frequently seen IoT device categories used by its enterprise customers and examines the transaction data for 10 specific types. Few IoT devices use SSL and most have outdated firmware and weak or nonexistent credentials. Also, despite attempts to eradicate it, Mirai is still very active. IoT in the Enterprise - An analysis of traffic and threats (pdf)
- The Chinese state-sponsored hacking group APT10 is using new tricks in its malware, according to researchers.
- They are based on JavaScript DLL side-loading techniques to help exfiltrate data and avoid detection. These malware families have a rich history of being used in many targeted attacks against government and private organizations. The activity surfaced in Southeast Asia, a region where APT10 frequently operates. UNCOVERING NEW ACTIVITY BY APT10
- The RobbinHood ransomware attack on the City of Baltimore networks continues to cause issues for its IT department.
- Hundreds of real estate closings and thousands of city water bills have been delayed, and thousands of city computers are still inoperable. The city attempted to create a series of private Gmail accounts, but Google quickly shuttered these (they should have set up business accounts). The mayor did not have any timeline as to when all systems would be restored. Joe Panettieri is keeping track of similar local government ransomware attacks here. Cyberattack Hobbles Baltimore for Two Weeks and Counting and Google bots shut down Baltimore officials’ ransomware-workaround Gmail accounts and PRESS RELEASE: City Provides Update on Baltimore Ransomware Attack and Baltimore Ransomware Attack Update: RobbinHood Malware’s Lasting Impact
Discover trending and viral stories about Security breaches Worldwide. The remaining Security breaches made news headlines. All these happened just last week.
- The Pyramid Hotel Group has had a massive data leak lasting at least a month.
- Compromised information included server API keys and passwords, IP addresses of incoming connections, malware alerts, restricted applications, login attempt records, application errors, security audit logs, and other log data. The logs also include personally identifying information (PII) of employees of the affected companies and go back as far as April 19, 2019. Researchers using Shodan queries found it because of a compromise of the chain’s Wazuh IDS open source tool. Report: Security Platform Leaking Hotel Security Logs, Including Marriott Properties
- A large collection of Instagram users’ data has been leaked online.
- It was caused by an unsecured AWS storage bucket and appears to contain public data from influencer accounts created by the Indian marketing company Chtrbox. The actual number of unique accounts is still in dispute, but could be from tens of thousands to a million or more users. Millions of Instagram influencers had their contact data scraped and exposed
- What do you do when your malware becomes the gift that just keeps on giving?
- An automated attack, targeting poorly protected Apache Tomcat servers, turns enterprise hardware into a high-end cryptominer. That was the case seen by Sophos researchers who tried repeatedly to eradicate the XMRig Monero cryptominer from a Tomcat server. Worms deliver cryptomining malware to web servers
- Hackers had breached the network of Perceptics. Given the kind of data collected by these systems, it is a major breach.
- The company is the major supplier of automated license plate reader technology for US Customs and operates at dozens of our border crossings. The company confirmed the breach but provided no specific details. Reporters at The Register broke the story and offered evidence that the stolen data appears to be legit. “The nature of the company's business – border security data acquisition, commercial vehicle inspection, electronic toll collection and roadway monitoring – means that it's likely to have a significant amount of sensitive information.” Maker of US border's license-plate scanning tech ransacked by hacker, blueprints and files dumped online
- The news aggregator Flipboard was breached and hackers stole user credentials from its servers.
- The event went undetected for nine months and was only found after a second intrusion was discovered. The issue here is that, because of how the site operates, these credentials include links to social media and other accounts of each user. The company said it had not seen unauthorized access to third-party accounts. All passwords and third-party tokens have been reset as a precaution, even though not every user was impacted. NOTICE OF SECURITY INCIDENT
- Researchers discovered in early April an unprotected Elasticsearch node on the Investment Week website.
- Two weeks later, on 18 April 2019, they probed manually and found a database containing approximately 330,000 unprotected records of sensitive personal user information: Full names, Email addresses, Subscription information, City, Phone number, Company, Country. The records contained unsalted, MD5-hashed passwords. All passwords have been reset as a result. UK’s Investment Week data leak: 330k user records exposed and Potential data breach management
- An XSS bug was discovered in the WordPress Live Chat Support plugin.
- The plugin can be found in more than 50,000 websites. The bug could allow for malicious injections and additional malware delivered to browsers via popup ads and fake error messages. Users should patch to the current version, 8.0.32. Malicious JavaScript injected into WordPress sites using the latest plugin vulnerability
- The drive-thru restaurant chain Checkers/Rally suffered a data breach.
- Malware was placed on the payment processing system at more than 100 stores, which is about 15 percent of the total in the combined chain. The company posted the locations and time frames, and said possible payment card data could have been compromised. Some stores were breached in 2016. NOTICE OF DATA BREACH
- More than half of malicious email spam sent during the first quarter was due to Emotet, according to analysis of Proofpoint’s network telemetry.
- Malicious URLs were seen five times more often than infected attachments. Fraudulent domains using SSL certs are also on the rise. QUARTERLY THREAT REPORT Q1 2019 (pdf)
- Using their own network telemetry, evidence of WannaCry’s penetration across the world is documented by security vendor Armis.
- More than 3500 hourly attacks still happen, and more than 145,000 endpoints are still infected, two years from the initial attack. Cringe statistics: 103 countries still impacted; over 145,000 devices worldwide are compromised; at least 3,500 successful WannaCry attacks per hour, worldwide; 22% of Internet service providers (ISPs) have customers impacted by WannaCry; 60% of manufacturing organizations and 40% of healthcare organizations suffered a WannaCry attack in the past six months. Two Years In and WannaCry is Still Unmanageable