Chrome
Google released software updates for Chrome that fixed three high-severity vulnerabilities. To read more: https://thehackernews.com/2020/02/google-chrome-zero-day.html
OpenSMTPD
A new vulnerability was discovered in OpenSMTPD that enables remote attackers to take control of email servers running BSD or Linux operating systems. To read more: https://thehackernews.com/2020/02/opensmtpd-email-vulnerability.html
Quebec teachers
Using a stolen user code and password, hackers accessed a database containing personal information on 360,000 Quebec teachers. To read more: https://globalnews.ca/news/6582061/personal-information-quebec-teachers-data-breach/
Slickwraps
Online store Slickwraps, which sells skins for smartphones, tablets and other devices, announced a data breach. Over 850,000 user accounts were impacted due to inadequately protected databases. To read more: https://www.zdnet.com/article/slickwraps-says-customer-trust-was-violated-in-avoidable-data-breach/
Mexico’s Secretariat of Economy
This Mexican ministry detected a cyberattack on its servers, but apparently determined that no sensitive information was accessed. To read more: https://www.reuters.com/article/us-mexico-economy-cyberattack/mexicos-economy-ministry-hit-by-cyber-attack-idUSKCN20J0BI
PayPal
Hackers exploited a bug in PayPal’s integration with Google Pay in order to make unauthorized transactions. Most of the victims appear to be German PayPal users. To read more: https://www.zdnet.com/article/paypal-accounts-are-getting-abused-en-masse-for-unauthorized-payments/
Olympics tickets
Two ticket-reselling sites were compromised with Magecart skimming malware. To read more: https://www.scmagazine.com/home/security-news/malware/magecart-group-12-named-as-actor-behind-olympic-ticket-pos-attack/
Samsung
Samsung announced that some users had access to other users’ personal data after a mystery push notification from the app Find My Mobile. According to the company, a technical error caused the issue and has since been fixed. To read more: https://www.theregister.co.uk/2020/02/24/samsung_data_breach_find_my_mobile/
Cyber Command
Newly released documents illustrate why the US military publicly releases North Korean and Russian hacking tools. By publishing the malware, Cyber Command attempts to make it harder for the hackers to remain undetected. To read more: https://www.vice.com/en_us/article/5dmwyx/documents-how-cybercom-publishes-russian-north-korean-malware-virustotal
Zyxel
Zyxel released security updates to fix a bug in its network-attached storage devices. Hackers are actively exploiting the flaw to deploy ransomware. Zyxel admits that the same bug also exists in many of its firewall products. To read more: https://krebsonsecurity.com/2020/02/zyxel-0day-affects-its-firewall-products-too/
Cypress Semiconductor
A vulnerability exists in Wi-Fi chips made by Cypress Semiconductor. The vulnerability enables attackers to decrypt sensitive data sent over the air. To read more: https://arstechnica.com/information-technology/2020/02/flaw-in-billions-of-wi-fi-devices-left-communications-open-to-eavesdroppng/
Cloud Snooper
A new attack used a rootkit to sneak traffic through an unidentified victim’s firewalls in order to drop a Trojan onto its cloud servers, circumventing both on-premise firewalls and those running in Amazon Web Services. The hack functions on both Linux and Windows EC2-based servers. A nation-state is thought to be behind the attack. To read more: https://www.darkreading.com/cloud/cloud-snooper-attack-circumvents-aws-firewall-controls/d/d-id/1337171?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple
LTE
A vulnerability in the way that LTE networks authenticate and communicate with mobile devices enabled researchers to impersonate mobile devices on 4G and 5G networks. An attacker could use the vulnerability not only to register for services but also to carry out illegal activity in somebody else’s name. To read more: https://nakedsecurity.sophos.com/2020/02/26/lte-vulnerability-allows-impersonation-of-other-mobile-devices/
BGR India
Hackers shared SQL databases from an unsecured AWS S3 bucket that belonged to India’s BGR tech-news website. The database was part of a larger breach of 21.5GB that included details from two other sites. To read more: https://www.bleepingcomputer.com/news/security/sql-dump-from-bgr-india-shared-on-hacker-forum/
Talman Software
A cyberattack hit Talman Software, a company used by more than 75% of Australia’s wool industry to manage trading and deliveries, cancelling transactions for a week. The attacker encrypted the company’s files with ransomware. To read more: https://www.abc.net.au/news/rural/2020-02-27/ransomware-cyber-attack-cripples-australian-wool-sales/12007912
Gadsden, New Mexico
Gadsden school district suffered ransomware attacks twice in the past year. Both times, the district was hit with Ryuk ransomware that locked access to IT systems. To read more: https://www.lcsun-news.com/story/news/local/2020/02/25/gadsden-independent-school-district-hit-ransomware-second-time-year-ryuk-virus/4870455002/
Redcar and Cleveland Borough Council
This regional authority in north-east England confirmed that ransomware impacted its IT systems three weeks ago, causing disruption that has not yet been completely fixed. To read more: https://www.zdnet.com/article/cyberattack-on-servers-was-ransomware-says-council/
Most dangerous mobile-app store
The cyber-security company RiskIQ has identified 9Game.com as the mobile-app store with the most malicious app uploads. According to RiskIQ, 61,669 new malicious apps were uploaded to 9Game in 2019. To read more: https://www.zdnet.com/article/report-identifies-the-most-dangerous-mobile-app-store-on-the-internet/
UK Financial Conduct Authority
The UK’s Financial Conduct Authority announced a data breach that exposed the personal information of 1,600 consumers. To read more: https://www.cisomag.com/u-k-s-financial-conduct-authority-admits-to-accidental-data-breach/
Rwandan data center
A hacker brought down a data center hosting Rwandan government servers. To read more: https://www.datacenterdynamics.com/en/news/rwandan-government-data-center-offline-after-cyber-attack/
RailWorks
RailWorks, a US track-and-transit system provider for railroads, announced a ransomware attack that exposed personal information of current and former employees. To read more: https://www.bleepingcomputer.com/news/security/us-railroad-contractor-reports-data-breach-after-ransomware-attack/
Rotherwood Healthcare
This English care home exposed personal information of the elderly patients living there. The company left an Amazon S3 bucket exposed on the internet. To read more: https://www.theregister.co.uk/2020/02/26/rotherwood_healthcare_data_leak_10k_records_aws/?ck_subscriber_id=512831035