iOS 13
Apple’s iOS 13 contains a vulnerability that could enable anyone to bypass lock-screen protections on iPhones. The vulnerability had not been fixed before the software's release on September 19. To read more: https://thehackernews.com/2019/09/ios-13-lockscreen-bypass.html
Ecuador
vpnMentor discovered a flaw in a server that exposed the personal data of millions of Ecuadorian citizens. The unsecured server had information on 20m people including names, birth dates and phone numbers. To read more: https://www.washingtonpost.com/world/the_americas/security-firm-data-breach-exposes-millions-of-ecuadorians/2019/09/16/c4f04904-d8ca-11e9-a1a5-162b8a9c9ca2_story.html
DealerLeads
A security researcher discovered a 413GB data breach from website dealerleads.com, which compiles information on potential car buyers, such as loan and finance inquiries and log data with IP addresses. The database contained 198m records with some sensitive information exposed in plain text. To read more: https://www.pymnts.com/news/security-and-risk/2019/data-breach-leaks-millions-car-buyers-personal-data/
Google Calendar
More than 8,000 publicly accessible Google calendars allowed anyone not only to access sensitive details, but also to add new events with malicious links. To read more: https://thehackernews.com/2019/09/google-calendar-search.html
SOHO routers
A new study discovered 125 different security vulnerabilities across 13 small-office and home-office (SOHO) routers and network-attached-storage devices. To find a list of the affected routers and to read more: https://thehackernews.com/2019/09/hacking-soho-routers.html
Online ticket fraud
Researchers uncovered an online ticket-fraud scheme primarily targeting Groupon. Criminals had been selling fraudulent tickets for three years but were ultimately exposed because they failed to password-protect their Elasticsearch cloud database containing 17m email messages and 1.2TB of data. To read more: https://nakedsecurity.sophos.com/2019/09/13/leaky-database-full-of-fake-groupon-emails-turns-out-to-belong-to-crooks/
LastPass
Developers at LastPass, a password manager, patched a vulnerability that made it possible for websites to steal credentials if users logged in using the company’s Chrome or Opera extension. Google Project Zero discovered the vulnerability last month. To read more: https://arstechnica.com/information-technology/2019/09/lastpass-fixes-bug-that-leaked-the-password-of-last-logged-in-account/
Smominru botnet
The cryptocurrency-mining botnet Smominru infects over 90,000 machines around the world each month. To read more: https://thehackernews.com/2019/09/smominru-botnet.html
Saudi Arabia
Hackers breached IT companies in Saudi Arabia in an attempt to gain access to customer records. The attackers infected hundreds of computers on compromised networks in order to collect the data they wanted. To read more: https://www.cyberscoop.com/saudi-arabia-hackers-it-providers-symantec/
Medical imaging
A research firm analyzed 2,300 medical-image archive systems and found that 24.3m records were freely accessible on the internet. Unsecured data included patient names, birth dates and medical information. To read more: https://www.helpnetsecurity.com/2019/09/18/confidential-patient-data/
Scotiabank
Canadian financial company Scotiabank has taken down GitHub repositories it inadvertently left open to the public. The repositories included software blueprints and access keys for a foreign exchange-rate system, among other sensitive information. To read more: https://www.theregister.co.uk/2019/09/18/scotiabank_code_github_leak/
GoldBrute
Researchers discovered a new botnet that is attacking Windows systems running a remote desktop protocol (RDP) connection exposed to the internet. Dubbed GoldBrute, the botnet has attacked 1.6m RDP endpoints. To read more: https://www.zdnet.com/article/a-botnet-is-brute-forcing-over-1-5-million-rdp-servers-all-over-the-world/
WannaCry
Two years after its initial outbreak, the WannaCry worm is still active. More than 12,000 WannaCry variants have been identified. While people with infected systems are generally no longer getting their data scrambled by the malware, they are unwittingly spreading copies of the worm. To read more: https://nakedsecurity.sophos.com/2019/09/18/wannacry-the-worm-that-just-wont-die/
Malindo Air
The CEO of Malaysian airline Malindo Air confirmed a data breach that exposed the information of millions of travelers. To read more: https://www.scmp.com/news/asia/southeast-asia/article/3027780/malindo-air-confirms-data-breach-exposing-millions
WeWork
A total of 658 devices including servers, computers and coffee machines were exposed on WeWork’s network. Public WiFi is a security concern anywhere but especially for shared workspace providers such as WeWork that can have dozens of companies working within a single building. To read more: https://www.cnet.com/news/weworks-weak-wi-fi-security-leaves-sensitive-documents-exposed/
Ad-blocker extensions
AdBlock and uBlock Origin were caught stuffing cookies in millions of users’ web browsers to generate affiliate income from referral schemes. Each extension has over 800,000 users. To read more: https://thehackernews.com/2019/09/browser-chrome-extension-adblock.html
Chrome browser
Google released urgent software updates for Chrome to patch high-risk security vulnerabilities. In order to prevent hackers from exploiting the vulnerabilities while people are updating their browsers, Google has not released details of the issues. To read more: https://thehackernews.com/2019/09/google-chrome-update.html
Emotet
The Emotet spam botnet obtains information by raiding contact lists and email inboxes of infected computers, and then fools victims by sending correspondence with quotes from the bodies of previous email threads. To read more: https://arstechnica.com/information-technology/2019/09/worlds-most-destructive-botnet-returns-with-stolen-passwords-and-email-in-tow/
Click2Gov
Two years after hackers began breaking into local government payment portals, the attacks are still going on. Eight cities’ Click2Gov payment portals were compromised in the past month alone. To read more: https://www.zdnet.com/article/two-years-later-hackers-are-still-breaching-local-government-payment-portals/
FEMA
The Federal Emergency Management Agency notified 2.5m survivors of natural disasters that their personal information was shared with a third party. Anyone who applied for temporary housing assistance between 2008 and 2018 was impacted by the breach. To read more: https://www.wfla.com/news/local-news/fema-notifying-disaster-survivors-of-data-breach/
Thinkful
Thinkful, which provides online education for developers, confirmed that it experienced a data breach two weeks after the company was acquired by Chegg for $80m. To read more: https://www.siliconrepublic.com/enterprise/thinkful-chegg-data-breach
Animates
The website of pet store Animates was shut down after a data breach. Customers’ addresses, emails and phone numbers were compromised. To read more: https://www.newshub.co.nz/home/money/2019/09/animates-website-forced-offline-after-breach-compromises-customers-credit-cards.html