Instagram
Instagram recently patched a security flaw that may have
accidentally exposed some of its users’ passwords in plain text.
The bug was found in a newly implemented feature called “Download
Your Data” that enables users to download a copy of what they
shared on the social platform. To read more: https://thehackernews.com/2018/11/instagram-password-hack.html
Google Android
Researchers found 13 driving-simulation apps in the Google Play
Store that have no legitimate function. These apps have been
downloaded over half a million times. Once installed, the apps hide
themselves and their shortcut icons, then request that the user
download and install an additional .APK. If the user grants
consent, the app displays ads without permission. To read more:
https://www.zdnet.com/article/fake-google-android-driving-apps-claim-half-a-million-victims/
United States Postal Service
USPS fixed a security issue that had enabled anyone with an account
at usps.com to view the account details of some 60 million other
users. The problem was caused by an authentication weakness in an
API. A researcher discovered the flaw more than a year ago and
informed USPS of his finding, but didn’t receive a response. To
read more: https://krebsonsecurity.com/2018/11/usps-site-exposed-data-on-60-million-users/
Vision Direct
Vision Direct, a UK-based contact-lens supplier, revealed a data
breach that led to widespread theft of customer data. The stolen
information included names, addresses, emails, passwords and phone
numbers. To read more: https://www.zdnet.com/article/vision-direct-reveals-customer-credit-card-leak/
Make-A-Wish
Hackers took advantage of an unpatched Drupal vulnerability to
install a cryptocurrency-mining script on the Make-A-Wish website.
The cryptominer, which has been active since May, was discovered on
the international version of the non-profit’s site. To read more:
https://threatpost.com/cryptojacking-attack-targets-make-a-wish-foundation-website/139194/
Altus Baytown Hospital
A Texas-based hospital revealed a ransomware outbreak that may have
led to a leak of patient data. Altus Baytown Hospital found that
hackers had installed malicious code that infected the hospital’s
systems with Dharma ransomware. To read more: https://www.zdnet.com/article/texas-hospital-becomes-victim-of-ransomware-patient-data-potentially-leaked/
Dark Web hosting
Daniel’s Hosting, one of the larger Dark Web hosting providers, was
hacked and forced offline. The server’s root account was deleted
and all 6,500 Dark Web services hosted on the platform no longer
appear. To read more: https://www.zdnet.com/article/popular-dark-web-hosting-provider-got-hacked-6500-sites-down/
Spectre variant 2
Major slowdowns in the new Linux 4.20 kernel can be traced to a
patch for Spectre variant 2. The newly implemented mitigation is
built into the kernel for all Intel systems. Linus Torvalds, the
founder of Linux, has requested that the patch not be enabled by
default. The fix uses Single Thread Indirect Branch Predictors to
specifically address attacks against hyper-threading. To read more:
https://www.zdnet.com/article/linus-torvalds-after-big-linux-performance-hit-spectre-v2-patch-needs-curbs/
Italian email accounts
Hackers gained access to thousands of certified Italian email
accounts, including those of magistrates and security officials.
The attack was launched on November 12th and targeted a server
located near Rome. The hackers potentially accessed data from
500,000 accounts. To read more: https://www.reuters.com/article/us-italy-cyber/big-foreign-cyber-attack-targets-italian-certified-email-accounts-idUSKCN1NO2I6
MySpace and Dropbox hacker
Recorded Future, a cybersecurity company, claims to have uncovered
the real-world identity of Tessa88, a pseudonym for the hacker who
sold databases from MySpace, Badoo, Dropbox, LinkedIn and Twitter,
among others. Maksim Vladimirovich Donakov is known for
perpetrating many major hacks in 2016. To read more: https://www.zdnet.com/article/cyber-security-firm-doxxes-hacker-who-sold-myspace-and-dropbox-databases-in-2016/
HealthEquity
A hack of two employee email accounts potentially exposed the
personal data of 190,000 customers of HealthEquity, a
healthcare-savings company — the second breach reported by the firm
this year. The first occurred in June, when an unauthorized user
hacked into an employee’s email account and breached the data of
16,000 customers. To read more: https://healthitsecurity.com/news/healthequity-email-hack-breaches-data-of-190k-patients
Amazon
Amazon shared a message with some customers about the possible
exposure of their personal information. The company attributed the
problem to a technical error rather than a data breach. Customers
were informed that they did not need to change their passwords. To
read more: https://news.alphastreet.com/data-security-slip-up-casts-shadow-over-amazons-holiday-sales/
High Tail Hotel
An “erotic furry” game called High Tail Hotel was hacked last
August, but developers only recently found the attack after Troy
Hunt, founder of an email-security website known as Have I Been
Pwned, alerted the studio to the breach. User emails, names, IP
addresses and orders on the site were exposed. To read more:
https://techraptor.net/content/erotic-furry-game-data-breach-compromises-data-for-400k-users
Japan’s cybersecurity minister
The Japanese minister of cybersecurity who recently made headlines
for not using computers has now told a Diet committee that he is
not very familiar with cybersecurity issues. According to Minister
Sakurada, his job is to “read out written replies (prepared by
bureaucrats) without making any mistakes.” This is not exactly
encouraging for Japan’s digital domain. To read more: https://www.japantimes.co.jp/news/2018/11/23/national/politics-diplomacy/japan-cybersecurity-minister-doesnt-use-computers-says-hes-not-familiar-cybersecurity/
Drupal
Hackers are launching new attacks against Drupal website owners.
The hackers aim to gain a foothold on servers to install a
legitimate SSH client so they can log in to the hijacked systems.
Attackers are using the Drupalgeddon 2 and Dirty COW
vulnerabilities to pull off the hack. To read more: https://www.zdnet.com/article/hackers-use-drupalgeddon-2-and-dirty-cow-exploits-to-take-over-web-servers/
Adobe
Adobe has issued a patch for a vulnerability in Flash Player that
could lead to arbitrary code execution. The vulnerability affects
versions of Flash Player running on Windows, macOS, Linux and
Chrome OS. To read more: https://threatpost.com/critical-adobe-flash-bug-impacts-windows-macos-linux-and-chrome-os/139264/
Electronic Arts Origin
A bug in Electronic Arts’ (EA’s) Origin online-gaming platform
enables a hacker to gain access to account data. According to the
researcher who found the vulnerability, “the issue occurs when you
use the EA Origin client but request to edit your account on
EA.com; the EA client will spit out an auto-login URL, which is
basically the equivalent of your active username and password.” To
read more: https://www.zdnet.com/article/a-bug-in-ea-origin-client-exposes-gamers-data/
Atlantis word processor
Researchers at Cisco Talos discovered multiple critical
vulnerabilities in the Atlantis Word Processor. The flaws enable
remote attackers to execute arbitrary code and ultimately take over
computers. To read more: https://thehackernews.com/2018/11/word-processor-vulnerability.html
Kitten of Doom
A denial-of-service vulnerability was discovered in the Skype for
Business unified-communications platform. The bug can be triggered
by sending large numbers of emojis to the instant messaging client.
The attack was named “Kitten of Doom” because researchers initially
used the kitten emoji to demonstrate the attack. To read more:
https://threatpost.com/emoji-attack-can-kill-skype-for-business-chat/139186/
Pterodo malware
The Computer Emergency Response Team and Foreign Intelligence
Service of Ukraine have detected a new strain of the Pterodo
malware targeting computers at various Ukrainian government
agencies. Pterodo is a backdoor used to insert malware and collect
information. To read more: https://arstechnica.com/information-technology/2018/11/ukraine-detects-new-pterado-backdoor-malware-warns-of-russian-cyberattack/