Spying Chips
Testers found a tiny microchip, not part of the motherboards’
original design, implanted in devices. Investigators determined that
the chips allowed attackers to create a stealth doorway into any
network that included the altered machines. To read more: https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
Pigeoncoin
A hacker exploited a vulnerability in the Pigeoncoin cryptocurrency
to steal 235 million PGN tokens. To read more: https://www.zdnet.com/article/hacker-wastes-entire-day-hacking-pigeoncoin-cryptocurrency-only-to-make-15000/
Burgerville
The Burgerville chain revealed a data breach that led to the theft of
customers’ credit card information. Malware was installed on
Burgerville systems in order to scrape and steal data. To read
more: https://www.zdnet.com/article/burgerville-customer-credit-card-info-stolen-in-data-breach-laid-at-fin7s-feet/
Facebook
Hackers are selling Facebook login credentials for $3.00 on
the dark web. According to a study by Money Guru, the logins, which
were compromised in the latest Facebook data breach, can be bought
for 2.30 pounds. To read more: https://nypost.com/2018/10/01/hackers-are-selling-facebook-logins-on-the-dark-web-for-2/
iPhone
There is a passcode bypass vulnerability in Apple’s new iOS version
12 that could allow an attacker to access photos and contacts on a
locked iPhone XS and other new models. To read more: https://thehackernews.com/2018/10/iphone-passcode-bypass-hack.html
GhostDNS
Chinese researchers have found a widespread malware campaign that
has already hijacked over 100,000 home routers and modified their
DNS settings to hack other users. GhostDNS scans for the IP
addresses of routers that use a weak password or none, accesses the
routers’ settings and then changes the default DNS address to one
controlled by the attackers. To read more: https://thehackernews.com/2018/10/ghostdns-botnet-router-hacking.html
Atlantis Word Processor
Researchers found a variety of critical vulnerabilities in the
Atlantis Word Processor which permit attackers to execute code. The
processor is software used to create documents in a variety of
formats and to convert files into eBook and ePub formats. To read
more: https://www.zdnet.com/article/code-execution-bugs-plague-atlantis-word-processor/
Gwinnett Medical Center
Gwinnett Medical Center is investigating a possible data breach
that leaked patient information online. No other details have yet
been released regarding the breach. To read more:
https://www.zdnet.com/article/gwinnett-medical-center-investigates-possible-data-breach/
Recipe Unlimited
A Canadian restaurant chain suffered a country-wide outage of its
IT systems that was described as a malware outbreak. Not all
restaurants were affected. To read more: https://www.zdnet.com/article/restaurant-chain-suffers-canada-wide-outage-after-malware-outbreak/
ATM Hack
A new ATM scheme is being used by the North Korean APT hacking
group called Hidden Cobra. The attackers use malware called
“FASTCash” that remotely compromises payment switch application
servers within the targeted banks. The malware intercepts
transaction requests associated with the attackers’ payment cards
and responds with fake affirmative responses without validating
their available balance, fooling ATMs into spitting out cash. To read
more: https://thehackernews.com/2018/10/bank-atm-hacking.html
Adobe
Adobe has released an update to address 85 CVE-listed security
vulnerabilities in Acrobat and Reader for Windows and macOS. To
read more: https://www.theregister.co.uk/2018/10/02/adobe_acrobat_reader_patch/
Mozilla
Mozilla resolved a critical vulnerability in the Thunderbird email
client. The security flaw is a memory corruption issue that could
be exploited to run arbitrary code. To read more: https://www.zdnet.com/article/mozilla-resolves-critical-remote-code-execution-flaw-in-thunderbird-email-client/
WhatsApp
The Israeli government sent out nationwide security alerts that
WhatsApp accounts were being hijacked. Account takeover becomes
possible when an attacker tries to add a legitimate user’s
number to a new WhatsApp app installation on his/her own phone. To
read more: https://www.zdnet.com/article/recent-wave-of-hijacked-whatsapp-accounts-traced-back-to-voicemail-hacking/
Cisco
Three critical bugs, among 26 others disclosed this week, were
discovered in Cisco’s Prime Infrastructure and Digital Network
Architecture Center products. Cisco has recently released patches
for the issues; alternatively, admins can disable TFTP and use SFTP
or the Secure Copy Protocol instead. To read more: https://www.theregister.co.uk/2018/10/05/cisco_patches_oct_2018/