Polyverse Weekly Breach Report – Jan. 20th 2020

Jan 20, 2020 | By Shaina Raskin

 

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

PayPal

PayPal confirmed that a researcher found a high-severity security vulnerability that could expose user passwords. PayPal patched it in December. To read more: https://www.forbes.com/sites/daveywinder/2020/01/10/paypal-confirms-high-severity-password-security-vulnerability/#39f4af461b50

Citrix

Proof-of-concept exploit code for a vulnerability in Citrix enables attackers to take over devices and access internal networks. The vulnerability is considered one of the most dangerous bugs disclosed in recent years. To read more: https://www.zdnet.com/article/proof-of-concept-code-published-for-citrix-bug-as-attacks-intensify/

Australia bushfires donations

Attackers compromised a website collecting donations for victims of the Australia bushfires. To read more: https://www.bleepingcomputer.com/news/security/australia-bushfire-donors-affected-by-credit-card-skimming-attack/

Medical imaging

Due to insecure storage systems, more than one billion medical images of patients are openly available on the internet. Half of the exposed images belong to patients in the US and include x-rays, ultrasounds and CT scans. To read more: https://techcrunch.com/2020/01/10/medical-images-exposed-pacs/

Cable modems

Danish researchers disclosed a bug in Broadcom chips that affects cable modems. The vulnerability impacts some 200m modems in Europe alone. To read more: https://www.zdnet.com/article/hundreds-of-millions-of-cable-modems-are-vulnerable-to-new-cable-haunt-vulnerability

Microsoft

Researchers at the US National Security Agency discovered a spoofing vulnerability that impacts the Windows CryptoAPI, a core component of the Windows OS. Microsoft has released a patch for the bug. To read more: https://www.zdnet.com/article/microsoft-fixes-windows-crypto-bug-reported-by-the-nsa/

Amazon

Amazon fired a number of employees after they shared customer data with a third party, violating company policies. To read more: https://techcrunch.com/2020/01/10/amazon-employees-email-address/

United Nations

Emotet trojan operators posed as the Permanent Mission of Norway to phish users at the United Nations. The phishing campaign targeted 600 unique email addresses. To read more: https://www.bleepingcomputer.com/news/security/united-nations-targeted-with-emotet-malware-phishing-attack/

Android fleeceware apps

Researchers discovered 25 so-called fleeceware apps that were downloaded and installed by more than 600m Android users. The apps offer free trials but charge customers who do not specifically unsubscribe from a trial even if they have uninstalled the app before the trial period ends. To read more: https://www.zdnet.com/article/more-than-600-million-users-installed-android-fleeceware-apps-from-the-play-store/

P&N Bank

Western Australia’s P&N Bank is informing customers that a data breach exposed sensitive personal information. To read more: https://www.zdnet.com/article/p-n-bank-discloses-data-breach-customer-pii-account-information-stolen/

Oracle

Oracle patched 334 vulnerabilities across all its product families in its January patch update. This ties with Oracle’s previous, July 2019, all-time high for the number of patches issued. To read more: https://threatpost.com/oracle-cpu-all-time-patch-high-january/151861/

BlackVue

An app that lets BlackVue dashcam users broadcast their camera feed is enabling hackers to scrape and store the real-time location of drivers. To read more: https://www.vice.com/en_us/article/wxedxb/blackvue-dashcams-users-location-tracked

Greece

Multiple Greek government websites are down following a cyberattack. This is causing communication issues between all Greek embassies and diplomatic missions. To read more: https://greekcitytimes.com/2020/01/20/greek-embassies-and-consulates-face-major-headache-after-turkish-cyber-attack/
