The Pirate Bay
The Pirate Bay was down for more than a week because of a series of distributed denial-of-service attacks against the torrent website. Attackers flooded the Sphinx search daemon with searches, which crashed the website. To read more: https://thehackernews.com/2019/10/the-pirate-bay-down.html
2020 Summer Olympics
According to Microsoft’s Threat Intelligence Center, Russian state-sponsored hackers are targeting anti-doping authorities. The attacks are thought to be connected to the 2020 Olympics, with the latest attack beginning on September 16, shortly after the World Anti-Doping Agency discovered irregularities in a database from Russia’s national anti-doping laboratory. To read more: https://thehackernews.com/2019/10/cyber-attack-tokyo-olympics.html
UniCredit Bank
UniCredit, an Italian banking and financial-services company, announced that a security incident leaked the personal information of 3m domestic customers. The company has not disclosed details on how the breach occurred, only that the breach was of a file created in 2015. To read more:https://thehackernews.com/2019/10/unicredit-bank-data-breach.html
Georgia
The country of Georgia was hit by a cyberattack that knocked out more than 2,000 websites and the national TV station. To read more: https://www.bbc.com/news/technology-50207192
American Cancer Society
The American Cancer Society’s online store fell victim to malware that stole credit-card information. A researcher found the malware buried in obfuscated code that was written to look like analytics. To read more:https://techcrunch.com/2019/10/28/american-cancer-society-credit-card-malware/
Linux
Top Linux maintainers believe that CPU security vulnerabilities, such as those that led to the Spectre and Meltdown exploits, will continue to be around for many years. To read more: https://www.zdnet.com/article/top-linux-developer-on-intel-chip-security-problems-theyre-not-going-away/
Facebook filed a lawsuit against the Israeli surveillance firm NSO Group, alleging that it was involved in hacking users of WhatsApp, which is owned by Facebook. Attackers were found exploiting a vulnerability in the encrypted mobile app and using it to remotely install Pegasus spyware on targeted devices. To read more: https://thehackernews.com/2019/10/whatsapp-nso-group-malware.html
Kudankulam Nuclear Power Plant
A former analyst tied North Korean malware to a cyberattack on India’s Kudankulam Nuclear Power Plant. The malware likely targeted the plant’s technical information. To read more: https://arstechnica.com/information-technology/2019/10/indian-nuke-plants-network-reportedly-hit-by-malware-tied-to-n-korea/
However: the power-plant’s administration denies that a cyberattack would even be possible as the facility is not connected to an outside network or the internet. To read more: https://www.deccanherald.com/national/south/no-cyber-attack-on-kudankulam-nuclear-plant-systems-771810.html
Domain-name registrars
The domain-name registrars NetworkSolutions.com, Register.com and Web.com are asking users to reset their passwords because an unauthorized third party accessed customer account information. To read more: https://krebsonsecurity.com/2019/10/breaches-at-networksolutions-register-com-and-web-com/
Krystal
This fast-food chain has notified customers of a security breach impacting one of its payment-processing systems. To read more: https://latesthackingnews.com/2019/10/31/us-fast-food-restaurant-krystal-warns-users-of-a-security-breach/
GEDmatch
The genealogy website GEDmatch has security vulnerabilities that could enable malicious hackers to extract sensitive genetic markers or even impersonate users’ relatives. To read more: https://www.geekwire.com/2019/univ-washington-researchers-uncover-dna-data-security-flaws-popular-genealogy-website/
MessageTap
Chinese hackers are using new malware, dubbed MessageTap, to spy on text messages. The malware is apparently designed and used by the group APT41, known for carrying out state-sponsored espionage. To read more: https://thehackernews.com/2019/10/sms-spying-malware.html
MSPs
Bad actors hacked at least 13 managed service providers (MSPs) this year for the purpose of deploying ransomware. Once hackers compromise the network of an MSP, they can quickly infect thousands of computers. To read more: https://www.zdnet.com/article/at-least-13-managed-service-providers-were-used-to-push-ransomware-this-year/
Chrome
Google is urging Chrome users to immediately update the web browser in order to patch two high-severity vulnerabilities. Hackers are actively exploiting the vulnerabilities, which are both use-after-free issues. To read more: https://thehackernews.com/2019/11/chrome-zero-day-update.html
US Department of the Interior
The US Department of the Interior grounded its fleet of aerial drones over concerns about cyberattacks involving Chinese-made drones. To read more:https://www.cnet.com/news/us-interior-department-to-ground-its-drones-over-chinese-spying-risk/
NHS pagers
A security researcher discovered that an amateur radio rig was collecting real-time medical data broadcast by pagers used by the UK’s National Health Service. The details included names, addresses and injuries. To read more: https://techcrunch.com/2019/10/30/nhs-pagers-medical-health-data/
sPower
Utah-based renewable-energy company sPower experienced a cyberattack that disrupted communications with several solar and wind installations. This attack is believed to be the first cybersecurity incident to cause a “disruption” as defined by the Department of Energy. To read more: https://www.cyberscoop.com/spower-power-grid-cyberattack-foia/
APAC ports
A new study reports that a single cyberattack has the potential to cost major Asia-Pacific ports up to $110bn in damages. Currently, 92% of the economic costs from a potential cyberattack are uninsured. To read more:https://www.zdnet.com/article/one-cyber-attack-can-cost-major-apac-ports-110b/
Bed Bath & Beyond
The store Bed Bath & Beyond reported a breach of customer data. A third party gained access to less than one percent of the company’s online customer accounts, but the number of customers affected is still unknown. To read more: https://www.tomsguide.com/news/bed-bath-and-beyond-data-breach
Desjardins Group
A data breach that hit Canada’s Desjardins Group impacted all 4.2m members of the financial cooperative. To read more: https://www.reuters.com/article/us-desjardins-databreach/desjardins-group-data-breach-hit-all-4-2-million-members-quebec-finance-minister-idUSKBN1XB4N0
Sign up below and receive these reports and more, directly in your inbox.
https://upscri.be/9816bc