Weekly Breach Report – September 8th

Thales Group

IBM security researchers discovered a potential vulnerability in IoT software made by a subsidiary of France’s Thales, and used in numerous internet-connected devices, including insulin pumps. Mass Device: https://www.massdevice.com/ibm-uncovers-software-vulnerability-that-could-affect-insulin-pumps/

Cisco

US technology conglomerate Cisco warned users of an active zero-day vulnerability that impacts any device running its IOS XR software. The Hacker News:https://thehackernews.com/2020/09/cisco-issue-warning-over-ios-xr-zero.html 

Apple

Researchers discovered the first Mac malware accidentally notarized by Apple’s app-screening software. Tech Crunch: https://techcrunch.com/2020/08/31/apple-notarized-mac-malware/

WordPress

Hackers are actively exploiting a vulnerability in WordPress websites running the File Manager plugin. Security firm Wordfence announced that it had blocked more than 450,000 exploits attempts in the past few days. Ars Technica: https://arstechnica.com/information-technology/2020/09/hackers-are-exploiting-a-critical-flaw-affecting-350000-wordpress-sites/

Paytm Mall

A cybercrime group breached Paytm Mall’s databases, impacting all accounts and related information on this Indian e-commerce platform. Times of India: https://timesofindia.indiatimes.com/business/india-business/paytm-mall-suffers-massive-breach-ransom-demanded-report/articleshow/77833622.cms  

Norway

A cyberattack hit the Norwegian parliament, and several email accounts of elected officials were hacked. ZDNet: https://www.zdnet.com/article/norwegian-parliament-discloses-cyber-attack-on-internal-email-system/ 

New South Wales drivers licenses

Hackers breached an unnamed commercial company in Australia, and stole thousands of New South Wales drivers’ personal information. ZDNet: https://www.zdnet.com/article/unknown-commercial-entity-blamed-for-nsw-drivers-licence-data-breach/

Evilnum

Researchers discovered that the Evilnum hacking group had updated its infection chain to deploy a Python RAT to gather information, capture keystroke data, open an SSH shell, and more. The Hacker News: https://thehackernews.com/2020/09/evilnum-hackers.html 

Middle East and North Africa

A strain of Thanos ransomware hit government-run organizations in the Middle East and North Africa. Cyberscoop: https://www.cyberscoop.com/ransomware-thanos-middle-east-palo-alto_networks/ 

Telmate

A cyberattack hit Telmate, a prison phone service, exposing the contact and other data of millions of inmates. Endgadget: https://www.engadget.com/telmate-millions-inmate-data-exposed-041456225.html 

Excel malware

A new malware game uses malicious Excel files compiled with EPPlus, giving them a higher chance of evading security systems. ZDNet: https://www.zdnet.com/article/malware-gang-uses-net-library-to-generate-excel-docs-that-bypass-security-checks/ 

Like the report? Sign up below and get it in your inbox.