NSA tools
The NSA is planning to release its GHIDRA reverse-engineering tool
for free. GHIDRA is a Java-based framework that runs on various
platforms, including Windows, macOS and Linux. To read more:
https://thehackernews.com/2019/01/ghidra-reverse-engineering-tool.html
Early Warning Network: Australia
Hackers were able to send spam messages to subscribers of
Australia’s Early Warning Network, a large-scale emergency-warning
system. The hackers used stolen credentials to log into the system
and send the messages. To read more: https://threatpost.com/hack-early-warning-network-spam/140618/
Zerodium
An exploit vendor known as Zerodium is offering to pay $2m for
remote iOS jailbreaks and $1m for exploits targeting
secure-messaging apps. The highest previous payout was $1.5m for an
iOS jailbreak that could be executed remotely. To read more:
https://thehackernews.com/2019/01/zero-day-exploit-market.html
Town of Salem
A few weeks ago a popular browser game called Town of Salem had a
data breach that exposed 7.6 million hashed passwords. Since then
over 27% of the passwords have been cracked. BlankMediaGames, which
created the game, found and removed three different PHP files from
its web server that gave the hackers a backdoor to exploit the
system. To read more: https://www.bleepingcomputer.com/news/security/27-percent-of-passwords-from-town-of-salem-breach-already-cracked/
Ethereum Classic
Coinbase has suspended all Ethereum Classic transactions on its
trading platform after detecting an attack that enabled a hacker to
spend the same digital coins twice. The attack resulted in the loss of $1.1 million
worth of Ethereum Classic currency. To read more: https://thehackernews.com/2019/01/ethereum-double-spend-attack.html
BenefitMall
Centerstone Insurance and Financial Services, which does business
as BenefitMall, announced that it had experienced a data breach
that may have impacted some of its customers. The company said that
an email phishing attack exposed employee login credentials. To
read more: https://www.insurancebusinessmag.com/us/news/cyber/benefitmall-announces-data-breach-121182.aspx
Humana
Humana, an American health-insurance company, recently notified
members that their information may have been (read: probably was)
accessed in a cyberattack that occurred in May 2018 — at least
seven months ago. To read more: https://www.beckershospitalreview.com/payer-issues/humana-notifies-members-of-2018-security-breach.html
DiscountMugs.com
Hackers broke into DiscountMugs.com’s website using malicious code
to steal customers’ credit cards and other personal information.
The breach occurred from August 5th to November 16th, 2018 — again,
months ago. To read more: https://www.asicentral.com/news/newsletters/promogram/january-2019/discountmugscom-acknowledges-data-breach/
Chinese resumes
Researchers found a database online containing records of more than
202 million Chinese citizens that was accessible to anyone without
authentication. An unnamed American company was hosting the
database in a MongoDB instance. The database is apparently now
secured. To read more: https://thehackernews.com/2019/01/mongodb-chinese-database.html
OXO International
OXO International disclosed a data breach that may have exposed
customer information over two years. The company is a manufacturer
of homeware, office supplies and kitchen utensils. To read more:
https://www.zdnet.com/article/oxo-international-discloses-data-breach-customer-data-over-two-years-impacted/
PyLocky Ransomware
A security researcher from Cisco’s Talos cyber-unit released a free
decryption tool that makes it possible for infected victims to
unlock their files without paying a ransom. The limitation is that
to recover the data successfully, the victim must have captured the
initial network traffic between the ransomware and its
command-and-control server. To read more: https://thehackernews.com/2019/01/pylocky-free-ransomware-decryption.html
Mondelez
This US food distributor, which was hit by the NotPetya ransomware,
is suing its insurance company for refusing to pay out on a claim
for damages caused by the hack. To read more: https://www.itpro.co.uk/security/32708/notpetya-victim-sues-its-insurance-company
Amazon
Sellers on Amazon India encountered a bug in the website where they
could access the Merchant Tax Reports of other sellers besides
their own. Amazon has since fixed the issue and claims that only
400,000 sellers were hit by the breach. To read more: https://www.thenewsminute.com/article/data-breach-amazon-india-exposes-financial-data-nearly-400k-sellers-94844
Skype
A bug in Skype could have enabled hackers to bypass authentication
and access personal data on an Android device by answering a Skype
call to that device. To read more: https://threatpost.com/skype-glitch-allowed-android-authentication-bypass/140586/
Google
Google removed 85 apps from the Play Store after discovering that
they were pushing adware to users. The apps push full-screen ads at
regular intervals onto user devices without consent. To read more:
https://thehackernews.com/2019/01/android-adware-malware.html
Alcatel phones
A pre-installed weather app on Alcatel smartphones contained
malware that subscribed device owners to premium phone numbers
without their knowledge. To read more: https://www.zdnet.com/article/malware-found-preinstalled-on-some-alcatel-smartphones/
DNS hijacking
Researchers at FireEye have linked a wave of global DNS hijacking
attacks to Iran. The attacks focused on government, telecom and
internet-infrastructure companies. The hackers were trying to steal
victims’ usernames, passwords and domain credentials. To read more:
https://threatpost.com/unprecedented-dns-hijacking-attacks-linked-to-iran/140737/
Systemd
Security researchers found three vulnerabilities in Systemd, a
Linux software suite, that could enable attackers to gain root
access to targeted systems. The vulnerabilities are in the service
that collects information from different sources and creates event
logs in the journal. The bugs impact all Linux distributions,
including Red Hat and Debian. To read more: https://thehackernews.com/2019/01/linux-systemd-exploit.html
Modlishka
A new penetration-testing tool can automate phishing attacks more
easily than ever before. The tool is a reverse-proxy that was
modified for handling traffic meant for login pages. To read more:
https://www.zdnet.com/article/new-tool-automates-phishing-attacks-that-bypass-2fa/
Fuze cards
Hackers who specialize in cashing-out stolen credit cards are
making heavy use of Fuze cards — smartcard devices that enable
users to store dozens of credit and debit cards on a single device.
To read more: https://krebsonsecurity.com/2019/01/secret-service-theft-rings-turn-to-fuze-cards/