Polyverse Weekly Breach Report – Jan. 27th 2020

Jan 27, 2020By Shaina Raskin

Breach Report

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

Microsoft

Microsoft is warning users that hackers are actively exploiting a new zero-day vulnerability in Internet Explorer. No patch is yet available. To read more:https://thehackernews.com/2020/01/internet-explorer-zero-day-attack.html

 

Email threat detection

BitDam recently published a study on weaknesses in email threat detection. The study found that both Microsoft and Google are poor at finding unknown threats. To read more: https://thehackernews.com/2020/01/email-security-software.html

 

Jeff Bezos

Amazon CEO Jeff Bezos had his mobile phone hacked in 2018—and new research indicates that the hack may have come from the personal account of the crown prince of Saudi Arabia. To read more: https://www.theguardian.com/technology/2020/jan/21/amazon-boss-jeff-bezoss-phone-hacked-by-saudi-crown-prince

 

Tinder

A researcher discovered thousands of Tinder user images publicly available online. To read more: https://nakedsecurity.sophos.com/2020/01/21/what-do-online-file-sharers-want-with-70000-tinder-images/

 

THSuite

Researchers discovered a data breach in THSuite, a point-of-sale system used by the cannabis industry. An unsecured Amazon S3 bucket exposed sensitive data from dispensaries around the US. To read more: https://www.vpnmentor.com/blog/report-thsuite-breach/

 

Microsoft Customer Support

Microsoft disclosed a security breach that took place in December 2019. A database that stored anonymized customer-support analytics was exposed online. To read more: https://www.zdnet.com/article/microsoft-discloses-security-breach-of-customer-support-database/

 

AWS Engineer

An engineer with Amazon Web Services accidentally published customer information to a public GitHub repository. Researchers found a 954MB repository containing resource templates as well as log files from the second half of 2019. To read more: https://www.theregister.co.uk/2020/01/23/aws_engineer_credentials_github/?ck_subscriber_id=512831035

 

Gedia

The group responsible for a recent hack on Travelex launched a cyberattack on Gedia, a German automotive-parts supplier. The attack forced the company to shut down its IT systems and send workers home. To read more:https://www.computerweekly.com/news/252477247/Travelex-hackers-shut-down-German-car-parts-company-Gedia-in-massive-cyber-attack

 

Citrix

Hackers are abusing unpatched systems running Citrix using the disclosed vulnerability CVE-2019-19781. One of the groups attacking these servers is the REvil ransomware gang. Citrix has released a patch for the vulnerability, but some organizations are proving slow to deploy the patch. To read more: https://www.zdnet.com/article/hackers-target-unpatched-citrix-servers-to-deploy-ransomware/

 

Mitsubishi Electric

Mitsubishi Electric was hit by a cyberattack that may have compromised information on government agencies and business partners. Personal data on 8,000 people, including employees, were impacted. To read more: https://www.japantimes.co.jp/news/2020/01/20/business/corporate-business/mitsubishi-electric-cyberattack-china/

 

Website domains

Hackers are attacking and stealing web domains from online businesses. Investigative journalist Brian Krebs reports on one company that had a critical domain stolen by scammers. To read more: https://krebsonsecurity.com/2020/01/does-your-domain-have-a-registry-lock/

 

MDhex

Researchers disclosed six vulnerabilities, collectively referred to as MDhex, that impact seven GE Healthcare devices used to monitor patients’ vital signs. To read more: https://www.zdnet.com/article/mdhex-vulnerabilities-impact-ge-patient-vital-signs-monitoring-devices/

 

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.