Supermicro servers
Vulnerabilities exist in the baseboard management controller of Supermicro enterprise servers. Dubbed USBAnywhere, the flaws could allow someone to launch a USB attack without physically accessing a vulnerable server. To read more: https://thehackernews.com/2019/09/hacking-bmc-server.html
Metasploit module
Metasploit released a weaponized exploit for the BlueKeep Windows vulnerability. This exploit is advanced enough to achieve code execution on remote systems. To read more: https://www.zdnet.com/article/metasploit-team-releases-bluekeep-exploit/
ZAO
A new Chinese AI-based face-swapping app called ZAO was downloaded millions of times last week. The platform WeChat has restricted its use due to security concerns. To read more: https://thehackernews.com/2019/09/face-swapping-deepfake-zao.html
Intel servers
Cryptocurrency-mining malware formerly limited to ARM internet-of-things devices made the jump to Intel systems. The malware seeks to establish an SSH connection on port 22 and deliver itself as a gzip archive. To read more: https://www.theregister.co.uk/2019/08/30/coinmining_malware_intel/
Option Way
The French flight-booking website Option Way experienced a data breach that exposed the personal details of customers. Researchers found over 100GB of data open to compromise. To read more: https://www.vpnmentor.com/blog/report-option-way-leak/
Android exploits
The information-security company Zerodium is offering up to $2.5m to hackers who produce Android zero-day attacks. This represents a large increase in payout for Android exploits and suggests that the demand has significantly increased. To read more: https://thehackernews.com/2019/09/android-full-chain-zero-day-exploit.html
SMS phishing attacks
Researchers found advanced phishing attacks against Android-based phones, including those by Samsung, Huawei, LG and Sony. A remote agent tricks users into accepting new phone settings that route internet traffic through a proxy controlled by the attacker. To read more: https://research.checkpoint.com/advanced-sms-phishing-attacks-against-modern-android-based-smartphones/
XKCD forums
The forum for the comic strip XKCD went offline after 562,000 accounts were breached. Exposed data included passwords that were both salted and hashed. To read more: https://nakedsecurity.sophos.com/2019/09/03/xkcd-forums-breached/
Yves Rocher
Yves Rocher cosmetics company is warning customers of a data breach that exposed the personal data of millions of customers. The exposure occurred when a third-party consultant left a database unprotected. To read more: https://threatpost.com/data-leak-impacts-millions/147908/
Providence Health Plan
Providence Health Plan notified 122,000 members that their personal information was exposed in a security breach at the program’s dental-plan administrator. To read more: https://www.fiercehealthcare.com/tech/providence-health-plan-notifying-122k-members-third-party-data-breach
Facebook
An unprotected server exposed the phone numbers and Facebook IDs associated with 419m records. This is the latest of many security issues that Facebook has faced since the Cambridge Analytica scandal. To read more: https://techcrunch.com/2019/09/04/facebook-phone-numbers-exposed/
Teletext Holidays
British travel company Teletext Holidays announced a data breach that left 212,000 customer call files unprotected on a server for three years. The files have since been removed. To read more: https://www.informationsecuritybuzz.com/expert-comments/teletext-holidays-data-breach-exposes-212000-customer-call-recordings/
Denmark rail ticket system
Denmark’s rail operator DSB announced a data breach impacting online ticketing platforms and machines at stations. To read more: https://www.thelocal.dk/20190902/denmarks-rail-ticket-system-targeted-in-digital-attack
Mastercard
A database containing information on 90,000 German Mastercard loyalty-program members was shared online. To read more: https://www.bleepingcomputer.com/news/security/data-of-90k-mastercard-priceless-specials-members-shared-online/
Flagstaff Unified School District
Classes at all Flagstaff Unified School District schools and pre-schools were canceled last Friday because of a cybersecurity incident. To read more: https://gcmaz.com/fusd-classes-cancelled-thursday-due-to-a-cyber-security-threat/
DK-Lok
A cybersecurity company revealed an open database belonging to DK-Lok, a South Korean industrial manufacturer. The database was discovered during a web-mapping project that used port scanning to find systems online lacking authentication restrictions. To read more: https://www.zdnet.com/article/dklok-data-breach-leaked-global-enterprise-client-internal-emails/
Hong Kong exchange
The head of the Hong Kong Stock Exchange announced that a series of cyberattacks blocked traders from entering orders on the exchange’s futures and derivatives trading system. Trading resumed on Friday after a bug was fixed. To read more: https://www.finextra.com/newsarticle/34352/hong-kong-exchange-suffers-cyber-attack
CircleCI
CircleCI informed clients that a third-party analytics vendor suffered a data breach exposing login information for their GitHub and Bitbucket accounts. To read more: https://www.scmagazine.com/home/security-news/data-breach/circlci-data-breach-exposed-customer-github-and-bitbucket-logins/
Wikipedia
A cyberattack took Wikipedia offline in the first successful attempt to block access to the site through smart objects connected to the internet. To read more: https://www.haaretz.com/world-news/.premium-access-to-wikipedia-blocked-after-first-of-its-kind-cyber-attack-1.7808087
Oklahoma Law Enforcement Retirement System
The Oklahoma Law Enforcement Retirement System announced that it fell victim to a cyberattack where $4.2m was stolen. To read more: https://ktul.com/news/local/42-million-stolen-from-state-police-retirement-fund-after-hack