17 Security breaches Worldwide - Week 29, 2019
Be informed about the latest 17 Security breaches Worldwide, identified and reported publicly during Week 29, 2019.
- A bug in the Ad Inserter WordPress plugin allows authenticated attackers to remotely execute code.
- The plugin is found on 200,000 blog sites. The vendor has patched the issue and users should update to v. 2.4.22. Source: Critical Vulnerability Patched in Ad Inserter Plugin
- Researchers have found ransomware they call QNAPCrypt that is targeting Linux-based NAS file storage systems.
- The malware has very low detection rates because of its targets. They have written a YARA rule you can use to find it across your networks. Source: How We Seized 15 Active Ransomware Campaigns Targeting Linux File Storage Servers
- Free web hosting services are increasingly being used to distribute phishing attacks.
- This is according to an analysis of phishing patterns. Source: Threat Actors are Increasing Their Use of Free Hosts
- Slack was hacked back in 2015, but new information has come to light that indicates more users’ passwords were compromised.
- Slack has automatically reset affected users, and also urges everyone to employ MFA (which it launched back in 2015 in response to the hack) or at least have a unique password for their accounts. The company also links in its notification message to how to access login logs, which, if your usage is like mine, you will find less than useful. Source: Slack resets passwords for 1% of its users because of 2015 hack
- Researchers have discovered a massive leak that appears to originate from a third party who has access to the data from the Chinese marketing company Aliyun Computing.
- The leak contains credit reports for loan applicants, including ID numbers and contact information along with details about mobile device identities (such as IMEI numbers and GPS locations). The leak has been closed. Source: Personal Data (Incl. SMS & Calls) of Mobile Loan App Users in China Left OPEN for ALL to See
- Speaking of ransomware, this report shows the average ransom payout nearly tripled to more than $36,000, and average downtime increased from 7 to 9.6 days.
- This could be because of Ryuk and Sodinokibi, which are more lethal. Also, almost everyone who paid a ransom received a working decryption tool, and more than 90 percent of the data was recovered with the tool. Source: Ransomware Amounts Rise 3x in Q2 as Ryuk & Sodinokibi Spread
- Attackers are starting to adopt lateral phishing techniques, according to this analysis.
- This is when a phisher uses the hijacked account to try to compromise others in the victim’s contact list, such as fellow employees or personal addresses. In total, researchers identified 154 hijacked accounts that collectively sent hundreds of lateral phishing emails to more than 100,000 unique recipients. Source: Threat Spotlight: Lateral Phishing
- The Kazakhstan government is trying once again to force its citizens to install its own browser certificate.
- No cert, no web access. The idea, originally attempted several years ago, is to be able to snoop on all HTTPS traffic. It isn’t clear whether they will be successful, or what the browser vendors will do if the government succeeds in getting this cert deployed across the country. Part of the problem is that if the vendors block the cert, users will have to find a browser that allows communications if they want to get any useful work done online. Source: Kazakhstan government is now intercepting all HTTPS traffic
Discover trending and viral stories about Security breaches Worldwide. The remaining Security breaches made news headlines. All these happened just last week.
- Monroe College has been hit with ransomware.
- The attackers are asking for the equivalent of $2 million and the malware has spread throughout the campus network, including taking its main website offline. Source: Monroe College Hit With Ransomware, $2 Million Demanded
- Russian FSB Intel Agency Contractor Hacked, Secret Projects Exposed
- A contractor for the Russian Federal Security Service (FSB) has been hacked, and secret projects that were being developed for the intelligence agency were leaked to Russian media. These projects detail Russia's attempts to de-anonymize users on the Tor network, collect data from social networks, and isolate the Russian portion of the Internet from the rest of the world. Source: Hackers stole 7.5TB of data from the contractor's network
- Israel’s National Cyber Directorate has warned about attacks using AI to impersonate corporate executives’ voices.
- These are a new variation on a typical spear phishing attack, where the phony execs ask for specific money transfers to criminals’ accounts. Source: Israel warns of AI cyber-attacks by voice impersonating of senior executives
- According to Belgian news reports last week, Google has been secretly recording ambient conversations around its Google Home device, even without the wake words being used.
- Some of these recordings contain evidence of child abuse and domestic violence. Google agreed the conversations were genuine but said they were used to train its tools to better recognize numerous languages. The company is reviewing how the data was leaked to the reporters, as well as its various privacy safeguards. Source: Google Home Silently Captures Recordings of Domestic Violence and More
- Sprint said hackers broke into an unknown number of customer accounts via the Samsung.com "add a line" website last month.
- They accessed PII including phone number, subscriber ID, device type, account number, billing address and other account info. Sprint released a breach notification, and account passwords were reset. Source: Sprint customer accounts breached by hackers
- TrickBot has gotten more pernicious, and researchers have found it can now harvest emails from various places on your PC.
- The variant has been dubbed TrickBooster because it can also send phishing emails to other victims from your PC and hide them from your sent folders. They found a database of 250M stolen email IDs. Source: TrickBooster – TrickBot’s Email-Based Infection Module
- New Extenbro DNS Changer Trojan Blocks Security Domains
- A newly discovered DNS-changer Trojan dubbed Extenbro has been observed blocking access to the websites of security software vendors to prevent its victims from getting rid of the adware it dumps on their computers.
- Newly Discovered Malware Framework Cashing in on Ad Fraud
- Flashpoint researchers uncovered the framework, which features three separate stages that ultimately install a malicious browser extension designed to perform fraudulent AdSense impressions, as well as generate likes on YouTube videos and watch hidden Twitch streams. A newly discovered malware framework is responsible for more than one billion fraudulent ad impressions in the past three months, generating its operators significant Google AdSense revenue on a monthly basis.
- Supply chain attacks using Linux open software packages could become an increasingly popular vector for hackers.
- Researchers downloaded millions of lines of code and found instances of malware-infested package repositories among those listed in the Python Package Index (PyPI). Source: SupPy Chain Malware - Detecting malware in package manager repositories