13 Security breaches Worldwide – Week 33, 2019
Be informed about the latest 13 security breaches worldwide, identified and reported publicly during Week 33, 2019. As these security-related breaches have a severe negative impact on any business, consider a security audit to prevent similar cases.
- One of the websites of the European Central Bank was shut down after it was infected with malware.
- Some names and email addresses of newsletter subscribers may have been stolen. The malware had been running on a third-party server since last December. ECB shuts down one of its websites after hacker attack
- The Bluetooth encryption protocol has a major flaw that has been assigned CVE-2019-9506.
- Called Key Negotiation of Bluetooth, the flaw could allow bad actors to intercept communications if they are close enough to both of the paired devices. The Bluetooth standards body issued this advisory, and this post links to various patches from vendors. New Bluetooth Vulnerability Lets Attackers Spy On Encrypted Connections
- Speaking of Bluetooth, there is a new tool in the arsenal to fight credit card skimmers that often use this protocol to transmit the stolen card data.
- It is called Bluetana and has been used by law enforcement to track criminals who install the skimmers, typically on gas pumps. Over a year, more than a thousand skimmers were located all over the country. Here is a tip: avoid using debit cards when paying for gas. Meet Bluetana, the Scourge of Pump Skimmers
- The hacking group known as Cloud Atlas is still active.
- This post dissects some of its recent spate of malware campaigns, including PowerShower (a PowerShell exploit) and a new polymorphic campaign called VBShower that accomplishes the same tasks only with more stealth. Recent Cloud Atlas activity
- Microsoft Outlook has a major remote code execution vulnerability that has been assigned CVE-2019-1199.
- It has to do with creating memory corruption conditions using specially crafted messages. Users should apply the recent patches to prevent it from happening. Use-After-Free (UAF) Vulnerability CVE-2019-1199 in Microsoft Outlook
- “Lateral phishing attacks” are described in this phishing report from Barracuda.
- The notion is for a hacker to take control over a legit email account and send phishing lures from that account, thereby bypassing many protective measures. The typical subject lines involve sharing a document link or resets due to account errors. One in seven organizations has experienced such an attack recently. Spear Phishing: Top Threats and Trends (reg. req., pdf)
Discover trending and viral stories about security breaches worldwide. The remaining security breaches made news headlines. All of these happened just last week.
- State Farm was hit with a credential stuffing attack last month.
- It disclosed this in an advisory that was short on details. The company posted suggestions on how to improve customer password hygiene, such as using MFA and more complex and unique passwords. Customers who were affected had their passwords reset. No personal data was leaked. State Farm Notice of Data Breach for Credential
- About 1,200 customers of London Transport had their Oyster contactless payment cards hacked with another credential stuffing attack last week.
- Malicious logins have been detected on the Oyster website, with TfL blaming people reusing usernames and passwords. It’s one of 2019’s most popular attacks. These cards were suspended and the company took down its website. As of this morning, the website isn’t yet back in service. TfL kills the Oyster website as customers are hit by a dumb hack
- Beware of unexpected Docusign emails: they could be phishing lures.
- Researchers tracked several campaigns that duplicate the Docusign web pages, made notable by the fact that they are hosted on AWS. This post tracks these efforts since early February and describes their indicators of compromise. Phishing Actor Using XOR Obfuscation Graduates to Enterprise Cloud Storage on AWS
- The NYC fire department issued a warning that an employee’s stolen hard drive could have leaked data from more than 10,000 patients.
- Some of these patients who have taken ambulances from 2011-2018 could have compromised SSNs. The theft was discovered in March, and an internal investigation took months to track down the affected patients. FDNY warns of major data breach possibly affecting more than 10,000 patients
- F5’s Big-IP firewalls have a code injection bug.
- It was found by researchers and has to do with how a bad actor can manipulate its scripting language. While the exploit hasn’t been seen in actual use, it can occur if the scripts are poorly written. F5 has issued an advisory. K15650046: Tcl code injection security exposure
- Joel Stein’s column on how he tried to protect his privacy from Big Tech is worth reading.
- His journey takes him through using a variety of tools such as Jumbo (a smartphone app that reconfigures your privacy settings on major social networks), MySudo (for disposable email addresses), Abine’s DeleteMe opt-out service, the Brave browser and the DuckDuckGo search engine. I Tried Hiding From Silicon Valley in a Pile of Privacy Gadgets
- The biometric access platform BioStar 2 suffered a massive data leak of fingerprints and facial data from at least 1.5M different people in numerous countries.
- This data included unencrypted usernames and passwords, including those of admin accounts. What is worse is that many passwords were “ridiculously simple” and that many large businesses use these biometrics for access controls. This data was publicly available for more than a week while researchers tried to contact Suprema, the owner of the data, unsuccessfully. The potential for fraud and abuse is high, because once this data is stolen people can’t change their faces or fingers. Data Breach in Biometric Security Platform Affecting Millions of Users