Visser
Visser, a manufacturer of parts for space and defense contractors, announced a data breach. The likely culprit is DoppelPaymer, a new kind of file-encrypting ransomware. With the object of allowing attackers to later publish stolen data, this malware exfiltrates victims’ data before encrypting files. To read more: https://techcrunch.com/2020/03/01/visser-breach/
WordPress plugins
Hackers continue to exploit vulnerabilities in WordPress plugins. The attacks attempt to hijack sites before administrators apply security patches. To read more: https://www.zdnet.com/article/hackers-are-actively-exploiting-zero-days-in-several-wordpress-plugins/
C3UK
This provider of free WiFi at UK railway stations confirmed a data breach that exposed 146m records. To read more: https://www.bbc.com/news/technology-51682280
Let’s Encrypt
Non-profit certificate authority Let’s Encrypt is revoking more than 3m TLS certificates. The certificates may have been issued incorrectly because of a bug. To read more: https://thehackernews.com/2020/03/lets-encrypt-certificate-revocation.html
US property and demographic database
Over 200m records containing property-related information on US residents were exposed in a database on Google Cloud. The database was eventually taken offline, but not until more than a month after researchers discovered it and alerted Google’s security team. To read more: https://thehackernews.com/2020/03/us-property-records-database.html
Toyota, Hyundai, Kia
Researchers discovered that hackers exploit radio-enabled keys to steal vehicles. These thefts are possible because of a flaw in how Toyota, Hyundai and Kia implement an encryption system called DST80. To read more:https://www.wired.com/story/hackers-can-clone-millions-of-toyota-hyundai-kia-keys/
Virgin Media
A data breach at Virgin Media exposed the personal details of 900,000 customers. To read more: https://thehackernews.com/2020/03/virgin-media-data-breach.html
PPP daemon
A 17-year-old remote code-execution vulnerability exists in PPP daemon software, which is preinstalled on Linux operating systems. To read more: https://thehackernews.com/2020/03/ppp-daemon-vulnerability.html
Intel CSME
A patched vulnerability in Intel CSME is worse than previously thought. All but the latest generation of chips are vulnerable to exploitation. To read more: https://www.zdnet.com/article/intel-csme-bug-is-worse-than-previously-thought/
Walgreens
A bug in the mobile app of Walgreens, a large US pharmacy chain, leaked customers’ prescription data. To read more: https://threatpost.com/walgreens-mobile-app-prescription-data/153361/
Carnival Corp
Cruise operator Carnival Corp announced that it was targeted by cyberattacks last year. To read more: https://www.reuters.com/article/us-carnival-corp-cyber/carnival-corp-units-say-were-hit-by-cyber-attack-last-year-idUSKBN20P395
Zynga
A lawsuit was filed against gaming company Zynga over a data breach that exposed 173m users. The breach occurred in September 2019. To read more:https://www.infosecurity-magazine.com/news/zynga-facing-lawsuit-over-data/
Boots
UK-based pharmacy-chain Boots suspended payments using the Boots Advantage loyalty card after a hacker broke into customer accounts. Fewer than 150,000 users were affected. To read more: https://www.bbc.com/news/technology-51742079
Google Authenticator
New malware was discovered that steals 2FA codes generated by the Google Authenticator app. The malware works on Android devices and is a hybrid between a banking trojan and a remote-access trojan. To read more: https://www.zdnet.com/article/google-could-have-fixed-2fa-code-stealing-flaw-in-authenticator-app-years-ago/
J.Crew
Clothes retailer J.Crew reported a data breach that occurred in April 2019 and exposed customer information. To read more: https://www.retaildive.com/news/j-crew-reports-data-breach-of-customer-accounts/573543/
Trident Crypto Fund
A hacker published the usernames and passwords of more than 120,000 customers of this “crypto investment index fund.” To read more:https://cointelegraph.com/news/trident-crypto-fund-data-breach-266-000-passwords-stolen
Microsoft
Microsoft is warning users about Netwalker, a new ransomware strain that injects malicious code into Windows 10 Explorer executables. To read more: https://www.forbes.com/sites/daveywinder/2020/03/06/microsoft-warns-of-devastating-cybersecurity-threat-to-windows-users-heres-what-you-need-to-know/#4ba9dbe11af8