Twitter
Twitter disclosed a security bug in Twitter for iOS that leaked users’
location data. The issue occurred during an advertising process
called Real-Time Bidding, and resulted in location data being sent
to an unnamed partner. The social-media company said that it has
fixed the bug, but offered few details in terms of how many users
were impacted and who accessed the data. To read more: https://threatpost.com/twitter-leaked-ios-users-location/144687/
Elasticsearch server
An Elasticsearch server that was left connected to the internet
without any protection leaked personal information for 85% of
Panama’s citizens. A security researcher discovered the server,
which included names, addresses, phone numbers, dates of birth, and
other information. The database was later secured by Panama’s
Computer Emergency Response Team. To read more: https://www.zdnet.com/article/unsecured-server-exposes-data-for-85-percent-of-all-panama-citizens/
WhatsApp
WhatsApp released a statement regarding a security breach of its
messaging service, noting that the incident had been referred to
the U.S. Department of Justice. WhatsApp is encouraging people to
upgrade their apps to the latest version, which it says protects
against targeted exploits. To read more: https://www.reuters.com/article/us-facebook-cyber-whatsapp/whatsapp-urges-users-to-upgrade-app-after-report-of-spyware-attack-idUSKCN1SK0SM
Office of the Australian Information Commissioner
The latest report from the Office of the Australian Information
Commissioner revealed that more than 10m individuals’ information
was compromised in a single incident. The total population of
Australia is around 25m. The report did not detail the origin of
the breach. To read more: https://www.zdnet.com/article/over-10-million-people-hit-in-single-australian-data-breach-oaic/
Boost Mobile
Boost Mobile confirmed that hackers had broken into an unknown
number of customer accounts. The virtual mobile network notified
users of the breach two months after it occurred. To read more:
https://techcrunch.com/2019/05/13/boost-mobile-hackers-accounts/
Uniqlo
The company behind multiple Japanese retail brands announced that
its Uniqlo Japan and GU Japan online stores had been hacked. The
hackers accessed 461,000 customer accounts using a
credential-stuffing attack. To read more: https://www.bleepingcomputer.com/news/security/hackers-access-over-461-000-accounts-in-uniqlo-data-breach/
Titan Security Keys
A team of researchers discovered a vulnerability in the
Bluetooth-supported version of Google’s Titan Security Keys that
could not be patched. Google offered users a free replacement for
devices impacted by the vulnerability. To read more: https://thehackernews.com/2019/05/google-titan-security-key.html
GozNym malware
Europol and the U.S. Department of Justice disrupted and dismantled
the GozNym malware, which stole more than $100m from bank accounts.
The malware was developed from two existing malware families:
Nymaim, a malware dropper that infects computers through exploit
kits, and Gozi, a web-injection module. The malware was first seen
in 2016. To read more: https://techcrunch.com/2019/05/16/europol-doj-goznym-banking-malware
ASUS cloud
Researchers are investigating a flaw in ASUS’ update mechanism that
enables the installation of malware that backdoors PCs. The malware
is called Plead, and is the work of a group that targets government
agencies and organizations in Asia. To read more: https://arstechnica.com/information-technology/2019/05/asus-cloud-service-abused-to-install-backdoor-on-pcs/
Stack Overflow
One of the largest question-and-answer sites for programmers
revealed that a hacker had gained access to its production systems
this month. The VP of Engineering at Stack Overflow says there is
no evidence that the hackers accessed customer accounts or user
data. To read more: https://thehackernews.com/2019/05/stack-overflow-databreach.html
Singapore Red Cross
The Red Cross of Singapore announced that its website had been
hacked and that the personal data of 4,000 potential blood donors
was compromised. The personal information includes names, blood
types, and contact information. To read more: https://phys.org/news/2019-05-red-website-hacked-latest-singapore.html
South Korean government
The South Korean government is planning to migrate to Linux since
Windows 7 only has seven more months of support. The Interior
Ministry indicated that they are making the move to reduce
long-term costs. To read more: https://www.techrepublic.com/article/south-korean-government-planning-linux-migration-as-windows-7-support-ends/
Ethereum
A security researcher found that a significant portion of the
Ethereum cryptocurrency client software that runs on Ethereum nodes
has not been patched in the wake of a critical security
vulnerability that was discovered earlier this year. Only
two-thirds of the nodes are currently patched. To read more:
https://www.zdnet.com/article/a-large-chunk-of-ethereum-clients-remain-unpatched/
Slack for Windows
A cybersecurity company called Tenable found a vulnerability in the
Slack Desktop App for Windows. Slack is a tool that many companies
use for internal employee communication. The bug could enable an
attacker to alter where a victim’s files are stored when the
documents are downloaded in Slack. The vulnerability has since been
patched. To read more: https://www.tenable.com/press-releases/tenable-research-discovered-a-download-hijack-vulnerability-in-slack
Forbes.com
Forbes.com was hit with Magecart card-skimming malware designed to steal
customers’ payment-card information. Hackers injected obfuscated
JavaScript into the website. This attack was linked to other
ongoing supply-chain attacks. To read more: https://www.infosecurity-magazine.com/news/forbes-up-then-down-again/
TeamViewer
Chinese state-sponsored hackers are now believed to have been
behind a cyberattack on German software maker TeamViewer in 2016.
There is no evidence that customer data or other sensitive
information was stolen. To read more: https://www.zdnet.com/article/chinese-cyberspies-breached-teamviewer-in-2016/
Check out Have I Been Pwned to see if any of your accounts have been exposed by the above breaches.
Thrangrycat
Researchers discovered a vulnerability in Cisco products that
enables attackers to plant persistent backdoors. The vulnerability
affects products that support the Trust Anchor module. To read
more: https://thehackernews.com/2019/05/cisco-secure-boot-bypass.html
Zombieload attack
Researchers discovered a new class of vulnerabilities in Intel
processors that enable attackers to retrieve data being processed.
The new class of bugs is called Zombieload, and is a side-channel
attack in the same category as Meltdown, Spectre and Foreshadow. To
read more: https://www.zdnet.com/article/intel-cpus-impacted-by-new-zombieload-side-channel-attack/
Microsoft
Microsoft addressed 79 vulnerabilities in Windows and other
products. One of the weaknesses is a wormable flaw that allows malware
to propagate from computer to computer without user interaction. To read
more: https://thehackernews.com/2019/05/microsoft-security-updates.html
And for more about the wormable flaw: https://krebsonsecurity.com/2019/05/microsoft-patches-wormable-flaw-in-windows-xp-7-and-windows-2003/
WordPress WP Live Chat Support
For the second time this month a patch was issued for a WordPress
plugin called WP Live Chat Support. The plugin enables users to
install a pop-up “chat” plugin, which first had a file-upload bug
and then a cross-site scripting vulnerability. To read more:
https://threatpost.com/wordpress-wp-live-chat-support-plugin-fixes-xss-flaw/144856/
Salesforce
Salesforce was forced to shut down large pieces of its infrastructure last week. The CRM company made a change to its production environment that broke access-permission settings across organizations, giving employees access to all their company’s files, and the ability to steal or tamper with them. To read more: https://www.zdnet.com/article/faulty-database-script-brings-salesforce-to-its-knees/