Quora
A popular question-and-answer website was hacked, giving
cybercriminals unauthorized access to the sensitive personal
information of 100 million users. This number is almost half of
Quora’s entire user base. Read more: https://thehackernews.com/2018/12/quora-hack.html
1-800-Flowers
Payment card data from 1-800-Flowers was stolen in a data breach
that persisted for four years. The impacted data consists of basic
card information like names, payment card numbers, expiration dates
and security codes. Read more: https://threatpost.com/1-800-flowers-becomes-latest-payment-breach-victim/139619/
GOP Campaign Committee
The National Republican Congressional Committee was hacked during
the latest election cycle. The breach included thousands of emails
from senior aides. Read more: https://talkingpointsmemo.com/dc/report-house-gop-campaign-committees-emails-were-hacked
SKY Brasil
Data belonging to 32 million SKY Brasil customers was exposed on
the internet. A researcher discovered multiple servers in Brazil
running Elasticsearch that made the personally identifiable
information of customers available without authentication. Read
more: https://www.bleepingcomputer.com/news/security/sky-brasil-exposes-32-million-customer-records/
Signet Jewelers
The parent company of Jared and Kay Jewelers fixed a vulnerability
in both companies’ websites that exposed customer information. A
customer discovered that if he slightly modified the link in his
confirmation email and then pasted it into a browser, another
customer’s order was revealed. Read more: https://krebsonsecurity.com/2018/12/jared-kay-jewelers-parent-fixes-data-leak/
BeatStars
A marketplace for selling music production beats disclosed a
security breach. Not only was its website defaced, but the attacker
tried to mass delete and alter the site’s database. Read more:
https://www.zdnet.com/article/beatstars-discloses-security-breach-in-twitter-live-stream/
Christie Digital
The projection technology and digital display systems creator
experienced a “worldwide” cyberattack that halted production.
According to Christie Digital, the attack was a network server
issue involving malware. Read more: https://www.therecord.com/news-story/9071042-cyber-attack-batters-christie-digital/
Linux.org
A hacker was able to access the registrar account for Linux.org’s
domain and then point the DNS to another server. In place of the
original site, Linux.org pointed to a page exclaiming “G3T 0WNED
L1NUX N3RDZ,” and included an NSFW picture and abusive language.
Read more: https://www.linux.org/threads/linux-org-dns-hijack-incident.21073/
Printers
A hacker exploited 50,000 internet-connected printers to send
fliers asking people to subscribe to PewDiePie’s YouTube channel.
The hacker found a list of vulnerable printers with port 9100 open
and then exploited them. Read more: https://thehackernews.com/2018/11/pewdiepie-printer-hack.html
Ransomware
New ransomware has already infected more than 100,000 computers
across China. Unlike most ransomware, the virus does not demand
Bitcoin as payment but instead asks victims to pay Yuan through
WeChat Pay. Read more: https://thehackernews.com/2018/12/china-ransomware-wechat.html
Kubernetes
A critical privilege-escalation vulnerability was discovered in
Kubernetes. With a CVSS score of 9.8, it is one of the first serious
problems found in Kubernetes. If the bug is left unpatched, a hacker
could exploit it to gain access to cloud infrastructure and carry
out any number of attacks, such as installing malware or sabotaging
production workloads. Read more: https://threatpost.com/kubernetes-flaw-is-a-huge-deal-lays-open-cloud-deployments/139636/
Adobe Flash
Researchers discovered a new zero-day vulnerability in Adobe Flash
that hackers are actively exploiting in the wild. The
vulnerability, CVE-2018-15982, is a use-after-free flaw that allows
an attacker to execute arbitrary code. Read more: https://thehackernews.com/2018/12/flash-player-vulnerability.html
WordPress
WordPress sites are being attacked by a botnet of infected
WordPress websites. The infected sites were first exploited by a
brute-force password attack through a Russian proxy provider, which
targeted an API. Read more: https://threatpost.com/infected-wordpress-sites-are-attacking-other-wordpress-sites/139666/
Linux malware
A cybersecurity company called ESET released a report detailing 21
new Linux malware families. The malware families are all trojanized
versions of the OpenSSH client. Read more: https://www.zdnet.com/article/eset-discovers-21-new-linux-malware-families/
PolicyKit (aka polkit)
A vulnerability in Linux’s PolicyKit allows any low-privileged user
account to execute any systemctl command. PolicyKit is an
application-level toolkit that defines policies and handles
system-wide privileges. The issue impacts most popular Linux
distributions, including Red Hat, Debian, Ubuntu and CentOS. Read
more: https://thehackernews.com/2018/12/linux-user-privilege-policykit.html
Chrome extension: Auto Font Manager
A nation-state-backed hacking group used a Google Chrome extension
to infect victims and steal passwords and cookies from browsers in
the academic sector. The hackers used spear-phishing emails to get
people to install a Chrome extension named Auto Font Manager. Read
more: https://www.zdnet.com/article/cyber-espionage-group-uses-chrome-extension-to-infect-victims/
SplitSpectre
Researchers from Northeastern University and IBM Research
discovered a new variation of Spectre that can be exploited via
browser-based code. A SplitSpectre attack is much easier to execute
than the original Spectre attack. However, existing Spectre
mitigations would thwart any SplitSpectre attacks. Read more:
https://www.zdnet.com/article/researchers-discover-splitspectre-a-new-spectre-like-cpu-attack/