Weekly Breach Report – August 3rd

Aug 3, 2020 | By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

Waydev

This analytics platform, which is used by various software companies, disclosed a data breach where hackers stole GitHub and GitLab OAuth tokens from its internal database. ZDNet: https://www.zdnet.com/article/hackers-stole-github-and-gitlab-oauth-tokens-from-git-analytics-firm-waydev/

Drizly

Online alcohol-delivery company Drizly informed customers of a data breach that exposed their personal data. TechCrunch: https://techcrunch.com/2020/07/28/drizly-data-breach/

Linux malware

Researchers discovered Linux malware that scans the internet for misconfigured Docker API endpoints to infect vulnerable servers. Black Hat Ethical Hacking: https://www.blackhatethicalhacking.com/news/undetectable-linux-malware-targeting-docker-servers-with-exposed-apis/

OkCupid

Researchers disclosed several issues in OkCupid’s dating app that could enable attackers to remotely spy on users’ private messages. The Hacker News: https://thehackernews.com/2020/07/hacking-okcupid-account.html

BootHole

Researchers discovered a buffer-overflow vulnerability in the Secure Boot function that impacts a majority of laptops, desktops, workstations, and servers running Microsoft and Linux. Forbes: https://www.forbes.com/sites/daveywinder/2020/07/29/boothole-secure-boot-threat-confirmed-in-most-every-linux-distro-windows-8-and-10-microsoft-ubuntu-redhat-suse-debian-citrix-oracle-vmware/#1de264a3666e

Zoom

Zoom recently fixed a bug that enabled attackers to crack the numeric passcode used in secure private meetings. The Hacker News: https://thehackernews.com/2020/07/zoom-meeting-password-hacking.html

ShinyHunters

A hacker known as ShinyHunters offered 386m new stolen records from 18 breaches for free on the dark web. Forbes: https://www.forbes.com/sites/daveywinder/2020/07/29/hacker-gives-away-386-million-stolen-records-on-dark-web-what-you-need-to-do-now-shinyhunters-data-breach/#5e0b07ce6f39

Promo.com

This video-creation platform confirmed a data breach after hackers posted a database containing 22m user records online. Security Boulevard: https://securityboulevard.com/2020/07/promo-com-announces-data-breach-after-22-million-user-records-are-published-online/ 

Moderna

China-backed hackers are targeting Moderna, one of the firms working to produce a COVID-19 vaccine. Reuters: https://uk.reuters.com/article/us-health-coronavirus-moderna-cyber-excl/exclusive-china-backed-hackers-targeted-covid-19-vaccine-firm-moderna-idUKKCN24V38M

Twitter

Twitter published an update on its investigation into the causes of its recent security breach, which started with a spear-phishing attack on company employees. Cointelegraph: https://cointelegraph.com/news/twitter-releases-details-of-attack-vector-used-by-crypto-hacker

Dave.com

Digital-banking app Dave.com reported a data breach after a hacker published a database of information on 7.5m users. Security Boulevard: https://securityboulevard.com/2020/07/cash-advance-service-dave-com-reports-data-breach/

UK universities

According to new research, more than half of UK universities experienced a data breach in the past year. Infosecurity Magazine: https://www.infosecurity-magazine.com/news/over-half-of-universities-suffered/

ExamSoft Worldwide

Law-school graduates taking an online bar exam were locked out because of a cyberattack on ExamSoft, which produced the exam. Detroit News: https://www.detroitnews.com/story/news/local/michigan/2020/07/28/michigan-bar-exam-crashes-online-company-cites-cyberattack/5527628002/

Vatican

According to a cybersecurity firm, threat actors linked to the Chinese government broke into Vatican computer networks. Gadgets360: https://gadgets.ndtv.com/internet/news/vatican-church-network-chinese-hackers-infiltrated-hong-kong-us-cyber-security-recorded-future-2270690

Avon

Avon, a cosmetics company, suffered its second security incident in the past two months after accidentally leaving a Microsoft Azure server exposed on the internet without a password. ComputerWeekly: https://www.computerweekly.com/news/252486832/Cosmetics-firm-Avon-faces-new-cyber-security-incident

Front Rush

In January, researchers informed this athlete-recruiting software company of an S3 bucket exposed on the internet. The company finally sent letters to those potentially impacted by the breach at the end of July. Security Boulevard: https://securityboulevard.com/2020/07/athlete-recruiting-software-company-discloses-data-breach-7-months-after-student-athlete-data-is-exposed/

Blackbaud

One of the largest providers of fundraising and financial-management software to U.K. charities announced a ransomware attack. This attack impacted more than 30 charities. Third Sector: https://www.thirdsector.co.uk/exclusive-30-uk-charities-affected-blackbaud-cyber-attack/finance/article/1690620

Promo

This Israeli marketing-video firm announced a data breach that impacted 14m accounts. OODA Loop: https://www.oodaloop.com/briefs/2020/07/29/promo-data-breach-hits-14-6-million-user-accounts/


The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a worldwide basis.