Immunity
Longtime US-government contractor Immunity developed an exploit for the Windows vulnerability known as BlueKeep, and included it in its penetration-testing toolkit, which is available by subscription. Some security researchers have questioned Immunity’s decision to publish the code, arguing that this may benefit bad actors. Immunity maintains that it made the right choice. To read more: https://www.vice.com/en_ca/article/wjvvvb/cybersecurity-firm-drops-code-for-the-incredibly-dangerous-windows-bluekeep-vulnerability
Fake Google domains
A hacking group known as Magecart is using fake Google domains to load a JavaScript-based credit-card skimmer with support for multiple payment gateways. The hackers use internationalized domain names to conceal traffic from the fake, malicious domains. To read more: https://www.bleepingcomputer.com/news/security/hackers-inject-multi-gateway-card-skimmer-via-fake-google-domains/
MyDoom
Fifteen years after it was created, and having caused more than $38bn of damage, the MyDoom worm is still actively being distributed. MyDoom scrapes email addresses from infected Windows computers and spreads by sending versions of itself as email attachments. To read more: https://www.zdnet.com/article/mydoom-the-15-year-old-malware-thats-still-being-used-in-phishing-attacks-in-2019/
Capital One
Capital One announced a data breach impacting 100m people in the US. A former employee of Amazon Web Services, the cloud-hosting company that Capital One was using, was arrested after illegally accessing the data through a misconfigured firewall. To read more: https://www.bloomberg.com/news/articles/2019-07-29/capital-one-data-systems-breached-by-seattle-woman-u-s-says
VxWorks
Researchers detailed a group of vulnerabilities in VxWorks, a supposedly secure operating system for continuously functioning apparatus, including medical equipment. The vulnerabilities impact around 200m devices. To read more: https://www.wired.com/story/vxworks-vulnerabilities-urgent11
iOS devices
Google researchers disclosed details of four proof-of-concept exploits that could enable remote attackers to target Apple iOS via the iMessage service. The vulnerabilities were patched with the iOS 12.4 update. To read more: https://thehackernews.com/2019/07/apple-ios-vulnerabilities.html
LAPD
A recent data breach at the Los Angeles Police Department that disclosed data on 2,500 officers also exposed the information of 17,500 officer applicants. The information included names, email addresses and passwords. To read more: https://www.usatoday.com/story/tech/2019/07/29/lapd-officers-job-applicant-information-exposed-data-breach/1859417001/
Sephora
The retailer Sephora emailed its customers in Southeast Asia to inform them of a data breach that exposed personal information. The breach impacted clients in Singapore, Malaysia, Indonesia, Thailand, the Philippines, Hong Kong, Australia and New Zealand. To read more: https://www.zdnet.com/article/sephora-data-breach-hits-southeast-asia-and-anz-customers/
Comodo
A hacker used exposed credentials to access internal files and documents owned by the security company Comodo. A security researcher discovered the credentials in a public GitHub repository owned by a software developer at Comodo. To read more: https://techcrunch.com/2019/07/27/comodo-password-access-data/
Small aircraft
The Department of Homeland Security is warning small-aircraft owners that a vulnerability in a plane’s controller area network could enable hackers to take over key navigation systems. To read more: https://thehackernews.com/2019/07/airplane-can-bus-hacking.html
OXID eShop
Researchers discovered vulnerabilities in OXID eShop e-commerce software that could enable attackers to take full control of a website remotely. A leading German e-commerce-software solution, OXID eShop is used by Mercedes, BitBurger and Edeka among others. To read more: https://thehackernews.com/2019/07/oxid-eshop-ecommerce.html
Unsupported Windows versions
Because many Windows users fail to upgrade their devices, security concerns are increasing as the end of Windows 7 support approaches in January 2020. Even though support for Windows XP ended in 2014, one-third of organizations still have at least one Windows XP device connected to a network. Failure to upgrade exposes a large number of users to zero-day vulnerabilities. To read more: https://www.techrepublic.com/article/its-2019-and-one-third-of-businesses-still-have-active-windows-xp-deployments/
AWDL
Vulnerabilities in Apple Wireless Direct Link, which is installed on over 1.2bn products, could enable attackers to track users, crash devices or intercept files. To read more: https://www.zdnet.com/google-amp/article/apples-awdl-protocol-plagued-by-flaws-that-enable-tracking-and-mitm-attacks/
Synology
Synology, which makes network-attached storage (NAS) devices, warned customers to update security settings as hackers are targeting NAS vendors with ransomware. The hackers are using brute-force attacks to gain access to internet-connected boxes, which they then encrypt. To read more: https://nakedsecurity.sophos.com/2019/07/29/nas-vendors-hit-by-brute-force-ransomware-attacks/
Visa contactless cards
Researchers found new vulnerabilities that enable hackers to bypass the payment limits on Visa contactless cards. The flaws impact five major UK banks as well as some terminals located outside of the UK. To read more: https://www.infosecurity-magazine.com/news/flaws-allow-hacker-to-bypass-card/
Cisco
Cisco is settling a lawsuit that accused the company of selling the US government a video-surveillance system that contained security vulnerabilities. To read more: https://thehackernews.com/2019/08/cisco-surveillance-technology.html
Hexane
A new hacking group dubbed Hexane is targeting telecommunications and oil and gas companies in Africa and the Middle East. The security company Dragos discovered the group but has not released much information on its activities. To read more: https://techcrunch.com/2019/08/01/hexane-oil-gas-telecoms-hackers/