PageUp
PageUp confirmed that some data was actually stolen in the cyberattack from last week. The personal data is from employees who currently or previously had access to the client’s PageUp instance. To read more: https://www.zdnet.com/article/pageup-confirms-some-data-compromised-in-breach/
Bithumb
A South Korean cryptocurrency exchange, Bithumb, was hacked with 31.5 million worth of tokens stolen. Bithumb has asked customers to stop depositing new funds as all deposit and withdrawal services were halted. To read more: https://www.zdnet.com/article/south-korean-crypto-exchange-bithumb-hacked/
Tesla
Elon Musk sent an email to all of Tesla stating an employee had conducted “quite extensive and damaging sabotage”. The rogue employee made direct code changes to the operating system under false usernames. To read more: https://www.zdnet.com/article/elon-musk-emails-tesla-workers-weve-been-extensively-sabotaged-by-employee/
Intel hyper-threading
OpenBSD has disabled Intel’s hyper-threading technology. Simultaneous Multi-Threading implementations typically share TLBs and L1 caches between threads, which means that several Spectre-class bugs were made more easily exploitable. To read more: https://www.theregister.co.uk/2018/06/20/openbsd_disables_intels_hyperthreading/
Chromecast
Google is fixing a location privacy leak in Google Home and Chromecast devices. A security researcher discovered an authentication weakness that, if exploited, leaks accurate location information about users' devices. To read more: https://krebsonsecurity.com/2018/06/google-to-fix-location-data-leak-in-google-home-chromecast/
PDQ
A chicken restaurant from North Carolina called PDQ is alerting customers of a data breach. The breach occurred between May 2017 and April 2018 and included names, credit card numbers and other personal information. To read more: http://www.cbs17.com/news/local-news/wake-county-news/pdq-restaurant-customer-credit-card-info-hacked-in-cyber-attack-officials-say/1258717197
DNS Rebinding
A programmer attempted a retro web attack called DNS rebinding on a few modern devices and found unexpected results. DNS rebinding gives an attacker control and data access by exploiting known browser weaknesses. The programmer found that there are DNS rebinding vulnerabilities in virtually every model of Google Home, Chromecast, Sonos Wi-Fi speakers, Roku devices and some smart thermostats. To read more: https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability/
Mylobot
A new malware campaign called Mylobot comes equipped with three layers of evasion techniques that have not been seen in the wild before. The attack ropes systems into a botnet, provides the attacker with complete control over infected victims and the ability to deliver payloads. To read more: https://www.zdnet.com/article/this-new-windows-malware-wants-to-add-your-pc-to-a-botnet-or-worse/
IoT cameras
There are vulnerabilities in 400 different models of Axis Communications' internet-connected video cameras. By exploiting the vulnerabilities, researchers found that remote attackers could take over devices using just the IP address. To read more: https://www.zdnet.com/article/vulnerabilities-in-these-iot-cameras-could-give-attackers-full-control-warn-researchers/
MacOS
A bug in MacOS can expose the contents of a user’s files, including text and photo thumbnails, even if the drive is encrypted. To read more: https://www.zdnet.com/article/macos-quick-look-bug-leaks-encrypted-data-researchers-find/
TLBleed
Intel has no plans to address a side-channel vulnerability called TLBleed. Using this vulnerability, a team of researchers were able to extract crypto keys from another running program. To read more: https://www.theregister.co.uk/2018/06/22/intel_tlbleed_key_data_leak/
Drupal vulnerability
Attackers are exploiting the three-month-old vulnerability in Drupal to create cryptocurrency miners. The vulnerability is being exploited to deliver cryptojacking malware that then uses the power of the victim’s machine to mine Monero. To read more: https://www.zdnet.com/article/three-month-old-drupal-vulnerability-is-being-used-to-deploy-cryptojacking-malware/
WebAssembly
Changes in the WebAssembly standard may render some of the patches against Spectre and Meltdown at the browser level useless. WebAssembly is a compact binary language that a browser will convert into machine code and run directly on the CPU and is supported within all major browsers. To read more: https://www.bleepingcomputer.com/news/security/changes-in-webassembly-could-render-meltdown-and-spectre-browser-patches-useless/