StatCounter
Malicious JavaScript bundled within the traffic-tracking code from
StatCounter, a web-analytics company, was found on 700,000
websites. The hackers were targeting Gate.io, a cryptocurrency
exchange, by compromising the analytics service it was using. To
read more: https://thehackernews.com/2018/11/statcounter-cryptocurrency-cyberattack.html
Ontario Cannabis Store
Ontario’s sole legal retailer of recreational cannabis announced
that an attacker had accessed the order records of 4,500 customers.
The compromised information included postal tracking numbers as
well as names and addresses. To read more: https://www.zdnet.com/article/canada-post-leaked-personal-data-orders-of-thousands-of-cannabis-smokers/
IoT botnet
A new botnet of 100,000 home routers has recently surfaced. The
botnet’s operators are using infected routers to connect with
webmail services and then executing email spam campaigns. To read
more: https://www.zdnet.com/article/iot-botnet-infects-100000-routers-to-send-hotmail-outlook-and-yahoo-spam/
HSBC
International banking giant HSBC reported a breach in October due
to a credential-stuffing attack. The bank became aware that some
online accounts were being accessed by unauthorized users between
October 4th and 14th. To read more: https://threatpost.com/hsbc-data-breach-hits-online-banking-customers/138856/
Nordstrom
Nordstrom is notifying employees of a security breach that exposed
their personally identifiable information, including names,
social-security numbers and more. The company has not released the
number of employees affected by the breach. To read more: https://www.seattletimes.com/business/retail/security-breach-at-nordstrom-exposed-sensitive-employee-data/
Healthcare.gov
Late last month it was announced that hackers had siphoned
thousands of Healthcare.gov applications by breaking into broker
and agent accounts. The Centers for Medicare & Medicaid
Services (CMS) said that the stolen personal data included
immigration status and tax information. CMS previously said that
the breach affected 75,000 people, but this number is likely to
increase. To read more: https://techcrunch.com/2018/11/09/hackers-stole-income-immigration-and-tax-data-in-healthcare-gov-breach-government-confirms/
Solid-state drives
Security researchers discovered multiple critical vulnerabilities
in some popular self-encrypting solid-state drives. The flaws could
enable an attacker to decrypt disks and recover protected data
without knowing the password. To read more: https://thehackernews.com/2018/11/self-encrypting-ssd-hacking.html
WooCommerce
An arbitrary file-deletion vulnerability in the popular WooCommerce
plugin for WordPress could enable an attacker to gain full control
over unpatched websites. WooCommerce powers nearly 35% of e-stores
on the internet, with more than four million installations. To read
more: https://thehackernews.com/2018/11/woocommerce-wordpress-hacking.html
VirtualBox
A researcher disclosed a zero-day vulnerability in VirtualBox,
popular open-source virtualization software from Oracle. The
vulnerability occurs due to memory-corruption issues. The flaw is
independent of the operating system being used because it resides
in a shared codebase. To read more: https://thehackernews.com/2018/11/virtualbox-zero-day-exploit.html
Steam
A security researcher found a bug that would have enabled him to
download all the activation keys in the Steam gaming platform. The
bug is in Steamworks, a platform that Valve runs to help developers
build and publish games on Steam. To read more: https://www.zdnet.com/article/steam-bug-could-have-given-you-access-to-all-the-cd-keys-of-any-game/
St. Francis Xavier University
This Nova Scotia university had to shut down its entire computer
network after it was discovered that the system was being used to
mine cryptocurrency. To read more: https://www.zdnet.com/article/university-shuts-down-network-to-thwart-cryptojacking-attack/
Cisco Systems
Cisco accidentally sent users exploit code that was used for
security tests of part of its TelePresence Video Communication
Server and Expressway Series software. The code exploits the Dirty
Cow vulnerability, a well-known vulnerability in the Linux kernel.
To read more: https://threatpost.com/cisco-accidentally-released-dirty-cow-exploit-code-in-software/138888/
Apache Struts
The Apache Software Foundation warned that the latest version of
the Commons FileUpload library is susceptible to a two-year-old
remote code execution flaw. Users of the library are being urged to
update their projects manually. To read more: https://threatpost.com/apache-struts-warns-users-of-two-year-old-vulnerability/138820/
Cisco Systems
Cisco’s latest patch marks the seventh time this year that the
company has removed a backdoor account from one of its products. To
read more: https://www.zdnet.com/article/cisco-removed-its-seventh-backdoor-account-this-year-and-thats-a-good-thing/
Monero
A Monero miner was responsible for the sixth-largest cyberattack in
Switzerland. The mining malware enabled Monero mining from personal
computers without the victims’ knowledge. To read more: https://bcfocus.com/news/monero-mining-malware-responsible-for-6th-largest-cyber-attack-in-switzerland-report/26279/