Weekly Breach Report – December 7th

Dec 7, 2020 By Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

 

Indian start-ups

India’s National Cyber Security Coordinator said that every day there are 375 cyberattacks in India, with start-ups and SMEs the most common targets. WhiteHat Jr, Big Basket and Dunzo are a few such firms whose data was compromised in attacks. Business Insider: https://www.businessinsider.in/business/startups/news/from-whitehat-jr-big-basket-and-unacademy-to-dunzo-these-are-the-indian-startups-that-reported-data-leaks-over-the-past-few-months/slidelist/79467618.cms#slideid=79467641

 

Lab scientists

Security researchers discovered a remote, trojan-based cyberattack that could enable hackers to trick scientists into creating real-world toxins and viruses by using the victim’s computer to replace short DNA sub-strings with malicious code. The Next Web: https://thenextweb.com/neural/2020/11/30/study-security-flaw-could-allow-hackers-to-trick-lab-scientists-into-making-viruses/

 

Bismuth

A hacking group known as Bismuth, with links to the Vietnamese government, is hiding behind coin-miners to target private-sector and government institutions in both France and Vietnam. The Hacker News: https://thehackernews.com/2020/12/nation-state-hackers-caught-hiding.html

 

Crutch malware

Researchers discovered that Russian backdoor and document-stealing malware, code-named Crutch, has been deployed against governments, embassies and military organizations from 2015 to 2020. The Hacker News: https://thehackernews.com/2020/12/experts-uncover-crutch-russian-malware.html

 

npm packages

The security team behind the npm repository for JavaScript libraries removed two malicious code packages that were installing a remote access trojan on victims’ computers. ZDNet: https://www.zdnet.com/article/malicious-npm-packages-caught-installing-remote-access-trojans/

 

iOS exploit

A security researcher found that he could remotely trigger an unauthenticated kernel-memory-corruption vulnerability that would cause all iOS devices in radio proximity to reboot. Google Project Zero: https://googleprojectzero.blogspot.com/2020/12/an-ios-zero-click-radio-proximity.html?m=1

 

COVID vaccine

Nation-state hackers are attacking the delivery “cold chain” used to keep COVID vaccines at the correct temperature during transport. BBC: https://www.bbc.com/news/technology-55165552

 

Android apps

Several popular apps, including Bumble, OkCupid, Cisco Teams and Microsoft Edge, are using an unpatched version of Google’s app-update library, putting the personal data of millions of users at risk. The Hacker News: https://thehackernews.com/2020/12/several-unpatched-popular-android-apps.html

 

PowerPepper malware

Researchers discovered an in-memory Windows backdoor that can execute remote code and steal information from its targets. The Hacker News: https://thehackernews.com/2020/12/hackers-for-hire-group-develops-new.html

 

AstraZeneca

Hackers targeted AstraZeneca employees by acting as recruiters and contacting them through LinkedIn and WhatsApp with fake job offers. The job description documents contained malicious viruses that could enable access to the company’s systems. HRD: https://www.hcamag.com/us/news/general/vaccine-maker-astrazeneca-staff-targeted-in-cyber-attack-allege-reports/240603

 

nTreatment

An insecure database exposed thousands of patient records stored by nTreatment, a company that provides electronic records to doctors and psychiatrists. SiliconAngle: https://siliconangle.com/2020/12/01/patient-records-stored-electronic-health-company-found-exposed-online/

 

Huntsville City Schools

Huntsville City Schools in Alabama closed for an entire week due to a ransomware cyberattack that shut down in-person and virtual learning. WAFF48: https://www.waff.com/2020/12/01/huntsville-city-schools-remains-closed-this-week-due-cyber-attack/

 

Stuller

A Lafayette-based jewelry manufacturer, Stuller, experienced a cyberattack last weekend that is expected to cause delays to shipments. The Advocate: https://www.theadvocate.com/acadiana/news/business/article_4d51c4da-3405-11eb-b106-5719c12d1544.html

 

Philabundance

A Philadelphia hunger-relief group lost almost $1m in a cyberattack that took place during the summer. Philly Voice: https://www.phillyvoice.com/philabundance-cyberattack-theft-1-million-dollars/
