17 Security breaches Worldwide – Week 29, 2019
Stay informed about the latest 17 security breaches worldwide, identified and reported publicly during Week 29, 2019. As these security-related breaches have a severe negative impact on any business, consider a security audit to prevent similar cases.
- A bug in the Ad Inserter WordPress plugin allows authenticated attackers to remotely execute code.
- The plugin is found on 200,000 blog sites. The vendor has patched the issue and users should update to v. 2.4.22. Source: "Critical Vulnerability Patched in Ad Inserter Plugin"
- Researchers have found ransomware they call QNAPCrypt that is targeting Linux-based NAS file storage systems.
- The malware has very low detection rates because of its targets. They have written a YARA rule you can use to find it across your networks. Source: "How We Seized 15 Active Ransomware Campaigns Targeting Linux File Storage Servers"
- Free web hosting services are increasingly being used to distribute phishing attacks.
- This is according to an analysis of phishing patterns. Source: "Threat Actors are Increasing Their Use of Free Hosts"
- Slack was hacked back in 2015, but new information has come to light that indicates more users’ passwords were compromised.
- Slack has automatically reset the passwords of affected users, and also urges everyone to employ MFA (which it launched back in 2015 in response to the hack) or at least have a unique password for their accounts. The company also links in its notification message to how to access login logs, which, if your usage is like mine, you will find less than useful. Source: "Slack resets passwords for 1% of its users because of 2015 hack"
- Researchers have discovered a massive leak that appears to originate from a third party who has access to the data from the Chinese marketing company Aliyun Computing.
- The leak contains credit reports for loan applicants, including ID numbers and contact information along with details about mobile device identities (such as IMEI numbers and GPS locations). The leak has been closed. Source: "Personal Data (Incl. SMS & Calls) of Mobile Loan App Users in China Left OPEN for ALL to See"
- Speaking of ransomware, this report shows the average ransom payout nearly tripled to more than $36,000, and average downtime increased from 7 to 9.6 days.
- This could be because Ryuk and Sodinokibi are more lethal. Also, almost everyone who paid a ransom received a working decryption tool, and more than 90 percent of the data was recovered with the tool. Source: "Ransomware Amounts Rise 3x in Q2 as Ryuk & Sodinokibi Spread"
- Attackers are starting to adopt lateral phishing techniques, according to this analysis.
- This is when a phisher uses the hijacked account to try to compromise others in the victim’s contact list, such as fellow employees or personal addresses. In total, researchers identified 154 hijacked accounts that collectively sent hundreds of lateral phishing emails to more than 100,000 unique recipients. Source: "Threat Spotlight: Lateral Phishing"
- The Kazakhstan government is trying once again to force its citizens to install its own browser certificate.
- No cert, no web access. The idea, originally attempted several years ago, is to be able to snoop on all HTTPS traffic. It isn’t clear whether they will be successful, or what the browser vendors will do if the government succeeds in getting this cert deployed across the country. Part of the problem is that if the vendors block the cert, users will have to find a browser that allows communications if they want to get any useful work done online. Source: "Kazakhstan government is now intercepting all HTTPS traffic"
Discover trending and viral stories about security breaches worldwide. The remaining security breaches made news headlines. All of these happened just last week.