Polyverse Weekly Breach Report

Sep 28, 2017By Shaina Raskin

A snapshot look at the cybersecurity breaches of last week.

VEVO

Hackers posted 3.12 terabytes of VEVO’s internal files online. The files belong to music and video services from September 15th 2017. Some of the files contain sensitive data including alarm codes for the UK office. To read more: https://www.grahamcluley.com/vevo-hack/

CCleaner

The popular Windows utility CCleaner suffered a “security incident” that saw users updated with a legitimate digitally signed version of the software that opened a malicious backdoor. To read more: https://www.grahamcluley.com/ccleaner-backdoor/. The company has since issued new code.

Pirate Bay

A cryptocurrency miner surfaced on the torrenting site for a day this weekend. Coin Hive lets companies monetize traffic by embedding a miner for Monero in the sites code. To read more: https://threatpost.com/pirate-bay-spotted-hosting-monero-cryptocurrency-miner/128004/

Viacom

Researchers found an open misconfigured AWS S3 bucket containing everything a hacker would need to take down the company’s IT systems. Some of the data was encrypted using GPG, but that would not be an issue for the hackers because the bucket also contained the decryption keys. To read more: https://www.theregister.co.uk/2017/09/19/viacom_exposure_in_aws3_bucket_blunder/

SEC

The SEC says its corporate filing system was hacked last year. To read more: https://www.cbsnews.com/news/sec-says-its-corporate-filing-system-was-hacked/

Verizon

Security researchers found another data exposure at Verizon. Confidential documents were found on an unprotected S3 storage server. These detailed server and infrastructure maps, IP addresses, global router hosts among other things. To read more: http://www.zdnet.com/article/another-verizon-leak-exposed-confidential-data-on-internal-systems/

Reported Vulnerabilities

Red Alert 2.0

The banking Trojan has infiltrated a variety of third party apps. When a victim opens the app, the malware overlays a dialog, enticing users to enter their login details. When the credentials are stolen they are passed to a remote server. To read more: https://www.tripwire.com/state-of-security/featured/red-alert-android-banking-trojan/

SafeBrowse

The Chrome browser extension is secretly mining bitcoin. If you have the extension enabled it will run continuously in the background, running crypto mining code from Coin Hive. To read more: https://hotforsecurity.bitdefender.com/blog/first-ever-crypto-mining-chrome-extension-discovered-18992.html

Security Cameras

Proof-of-concept malware called aIR-Jumper can be used to defeated air-gapped network protections and send data in and out. To read more: https://threatpost.com/malware-steals-data-from-air-gapped-network-via-security-cameras/128038/

Want to learn more?

Sign up at below and receive weekly cybersecurity updates.

https://upscri.be/6704cf/

Like the report? Sign up below and get it in your inbox.

Products
Polymorphing - Linux
Polymorphic Build Farm - Open Source
Polyscripting
Polyscripting - WordPress
Solutions
Finance
Healthcare
Defense
DevSecOps
Embedded/IoT
HPC
Government
SUSE
Resources
Linux Weakness Report
Open Source Projects
Documentation
Resource Library
Webinars
Demos
Blogs
FAQ
Pricing
How to Buy
Partners
Free Trial
Get Demo
Company
About Us
Newsroom
Careers
Contact Us

10400 NE 4th St.
Suite 500
Bellevue, WA 98004

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.

polyverse small logo

© 2020 Polyverse

Terms of Use
Zerotect Terms and Conditions