Polyverse Weekly Breach Report – Feb. 3rd 2020

Feb 3, 2020By Shaina Raskin

Breach Report

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

Avast Jumpshot

Leaked documents from Jumpshot, a marketing-analytics subsidiary of the antivirus-company Avast, illuminate how people’s internet-browsing histories can be collected and sold, a process that is generally secret. Jumpshot sells information to various companies after repackaging end-user data that was collected by Avast’s antivirus program. Avast says it is now closing down Jumpshot. To read more: https://www.vice.com/en_us/article/qjdkq7/avast-antivirus-sells-user-browsing-data-investigation

 

Cisco

Cisco has informed users that they must update Firepower Management Center software due to a critical vulnerability. The bug has a severity rating of 9.8 out of 10. To read more: https://www.zdnet.com/article/cisco-patch-this-critical-firewall-bug-in-firepower-management-center/

 

SuperCasino

Online gambling company SuperCasino announced that hackers stole sensitive user data. The company claims that no financial details were compromised. To read more: https://www.computing.co.uk/ctg/news/3085160/supercasino-security-breach

 

Maastricht University

Maastricht University in the Netherlands appears to have paid between €200,000 and €300,000 in ransom to hackers. To read more: https://www.dutchnews.nl/news/2020/01/maastricht-university-thought-to-have-paid-up-to-e300000-to-cyber-hackers/

 

Cineplanet

Researchers uncovered a data leak from Peruvian theater chain Cineplanet. The company’s database was hosted on Microsoft Azure and contained 14m login records and 205m logs of data. To read more: https://www.safetydetectives.com/blog/cineplanet-leak-report/

 

NFL social media accounts

Hackers defaced social-media accounts belonging to the National Football League and 15 different teams. To read more: https://www.zdnet.com/article/hackers-hijack-twitter-accounts-for-chicago-bears-and-green-bay-packers/

 

Zoom

Zoom has added security features to its web-conferencing app in order to address a vulnerability that enabled hackers to join active meetings. To read more: https://thehackernews.com/2020/01/zoom-meeting-password.html

 

Bird Construction

Toronto-based Bird Construction, which has won millions of dollars worth of military and government contracts, suffered a ransomware attack. Hackers stole 60GB of data, and the company has not said whether it paid to get the information back. To read more: https://www.cbc.ca/news/politics/ransomware-bird-construction-military-1.5434308

 

CacheOut attack

Computers running Intel CPUs made before October 2018 are vulnerable to CacheOut, an attack that exploits a hardware issue that enables hackers to leak sensitive data from the OS kernel and secured SGX enclave. To read more: https://thehackernews.com/2020/01/new-cacheout-attack-leaks-data-from.html

 

Azure

Microsoft recently patched two dangerous vulnerabilities in Azure that could have enabled hackers to target businesses running web and mobile apps in the cloud. To read more: https://thehackernews.com/2020/01/microsoft-azure-vulnerabilities.html

 

 

 

 

OpenSMTPD

Researchers found a vulnerability in the OpenSMTPD email server that enables attackers to take control of BSD and Linux servers. To read more: https://thehackernews.com/2020/01/openbsd-opensmtpd-hacking.html

 

Ransomware

The average cost to recover from ransomware doubled during the past year, and now stands at $84,116. Included in this total is lost revenue, damage to brand, and hardware replacement and repair. To read more: https://www.forbes.com/sites/leemathews/2020/01/26/average-cost-to-recover-from-ransomware-skyrockets-to-over-84000/#2d2a517313a2

 

LabCorp

A security flaw in LabCorp’s website exposed thousands of medical documents. This is the second data breach in the past year at the company. To read more:https://techcrunch.com/2020/01/28/labcorp-website-bug-medical-data-exposed/

 

Greenville Water

A South Carolina water company is recovering from a cyberattack that took down its phone and online payment systems. To read more: https://www.infosecurity-magazine.com/news/cyber-attack-on-greenvillewater/

 

Emergency Alert Systems

A security vulnerability that was discovered in Emergency Alert Systems seven years ago still has not been patched. To read more: https://securityledger.com/2020/01/seven-years-later-scores-of-eas-systems-sit-un-patched-vulnerable/

 

Cornerstone Payment Systems

Cornerstone Payment Systems left a database open on the internet containing 6.7m records of payment transactions. The company handles payment processing for ministries and other religious entities. To read more: https://techcrunch.com/2020/01/28/cornerstone-payments-credit-cards/

 

United Nations offices

The United Nations was hacked via a Microsoft Sharepoint vulnerability. Malware was found on 40 servers. To read more: https://www.computing.co.uk/ctg/news/3085225/united-nations-offices-hacked

 

SpiceJet

A breach at SpiceJet, one of India’s largest privately owned airlines, exposed data on more than 1.2m passengers. To read more: https://techcrunch.com/2020/01/30/spicejet-breach-millions-passengers/

 

Social Captain

This startup exposed thousands of Instagram account passwords. The company, which provides a service to help users grow their Instagram follower counts, was storing passwords in unencrypted plaintext. To read more:https://techcrunch.com/2020/01/30/social-captain-instagram-passwords/

 

Access Health

The health-insurance marketplace Access Health Connecticut reported that 1,100 consumers’ personal information was compromised in a data breach. To read more:https://fox61.com/2020/01/30/access-health-reports-over-1000-consumers-information-compromised-in-data-breach/

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.