Weekly Breach Report – Jul 6th

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

E-commerce hackers

Researchers discovered that hackers are hiding malicious code implants in the metadata of image files to steal payment card information. The Hacker News:https://thehackernews.com/2020/06/image-credit-card-skimmers.html

Roblox

Hackers post “Vote for Trump” messages on the Roblox gaming platform, which has 90m users. Forbes:

https://www.forbes.com/sites/daveywinder/2020/06/30/hackers-post-vote-for-trump-messages-on-gaming-platform-with-90-million-users-roblox-trump2020/#34afc5875f6c

University of California San Francisco

UCSF paid a $1m ransom to recover medical-school data from hackers; the school is the third university targeted by cyberattacks in the past two months. The Mercury News:

https://www.mercurynews.com/2020/06/30/ucsf-pays-1-million-ransom-to-recover-medical-school-data-from-hackers/

Lenovo

Old Lenovo devices are being targeted by hackers who are blackmailing victims for $200-$275 to return their data. TechTimes:

https://www.techtimes.com/articles/250712/20200630/beware-1-000-lenovo-are-wiped-off-by-hackers-asking-for-200-275-ransoms-to-return-data.htm

Apache Guacamole

Researchers discovered multiple reverse RDP vulnerabilities in Apache Guacamole, a remote-desktop application used by system administrators. The Hacker News:https://thehackernews.com/2020/07/apache-guacamole-hacking.html 

Microsoft

Microsoft released out-of-band software updates to patch two vulnerabilities in Windows 10 and various Windows Server editions. The Hacker News: https://thehackernews.com/2020/07/windows-security-update.html

macOS

Researchers discovered a new type of ransomware targeting macOS users that spreads through pirated apps. The Hacker News: https://thehackernews.com/2020/07/macos-ransomware-attack.html

Arizona schools

An analysis of 15 years of school-data breaches identified Arizona as a top target with more than 2.8m private records leaked. Patch:

https://patch.com/arizona/across-az/az-data-breaches-leaked-2-8-million-school-records-2005-report

V Shred

Customer data belonging to fitness company V Shred was exposed online due to misconfigured cloud storage. SiliconAngle: https://siliconangle.com/2020/07/02/customer-data-fitness-company-v-shred-exposed-misconfigured-cloud-storage/

Knoxville Police Department

This Tennessee police department regained access to its in-car computers two weeks after a ransomware attack shut down IT systems. Knox News: https://www.knoxnews.com/story/news/local/2020/06/30/knoxville-police-regain-computer-system-access-after-ransomware-attack/5350331002/ 

Heartland Farm Mutual

This Waterloo, Canada-based insurance company announced that it had experienced a data breach involving access to an employee’s email. Global News:https://globalnews.ca/news/7124198/heartland-farm-mutual-data-breach/

BMW

The personal information of 400,000 UK-based BMW customers is available for sale on an online black market. Tom’s Guide: https://www.tomsguide.com/news/bmw-call-centre-data-breach

MongoDB

A hacker that uploaded ransomware on 23,000 unprotected MongoDB databases gave victims an ultimatum: pay up, or be reported to the European Commission for breaching its General Data Protection Regulation (which applies globally, and could impose hefty fines). SCMagazine:https://www.scmagazine.com/home/security-news/mongodb-hacker-threatens-to-report-breach-to-gdpr/

F5 Networks

F5 Networks, an application-services company, is urging customers to patch a security vulnerability in its BIG-IP networking product immediately. ZDNet: https://www.zdnet.com/article/f5-patches-vulnerability-that-received-a-cvss-10-severity-score/

Like the report? Sign up below and get it in your inbox.