9 Security breaches Worldwide – Week 30, 2019
Be informed about the latest 9 Security breaches Worldwide, identified and reported publicly during Week 30, 2019. As these security-related breaches have a severe negative impact on any business, consider a security AUDIT to prevent any similar cases.
- The popular open source FTP server ProFTPd has a remote code execution bug (CVE-2019-12815). It can be exploited by authenticated users only.
- If you are using an older version or have recently installed this software, you need to re-install v.1.3.6 which has been patched. (The advisory is in German). Pro-FTPd: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes (lang=de)
- Mozilla has banned its browsers from using root certificates owned by the questionable entity DarkMatter of the UAE.
- The company is accused of selling hacking services. Google is planning on following suit for Chrome and Android users. These certs could be used to conduct MITM attacks. Google bans DarkMatter certificates from Chrome and Android
- The malware BrushaLoader is still being used by attackers.
- This was first discovered a year ago. This post dissects its multi-stage operation and how it is linked to the Danabot banking Trojan. It appears to be highly infectious and can be used to deploy a variety of malware payloads, including ransomware. BrushaLoader still sweeping up victims one year later
- The latest report from Sonicwall’s telemetry finds that overall, malware attacks have dropped by a fifth when compared to the first half of 2018.
- However, IoT-specific exploits have increased by 55 percent and ransomware attacks have increased by 15 percent. Ransomware targeting U.K. victims has increased nearly four-fold. The report also found that in May attacks using non-standard IP ports constituted a quarter of all malware. 2019 SONICWALL CYBER THREAT REPORT (reg. req.)
Discover trending and viral stories about Security breaches Worldwide. The remaining Security breaches made news headlines. All these happened just last week.