Polyverse Weekly Breach Report – Mar. 16th 2020

Mar 16, 2020 | By Shaina Raskin

Breach Report

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

AMD

AMD processors produced from 2011 to 2019 are vulnerable to two side-channel attacks. These could exploit a cache-related vulnerability to leak sensitive data. To read more: https://thehackernews.com/2020/03/amd-processors-vulnerability.html

 

Hacking tools

Attackers are injecting existing hacking tools with a remote-access trojan and then baiting other hackers with the altered tools. The modified tools open backdoors in the victim-hackers’ systems as well as any systems that these hackers have already breached. To read more: https://techcrunch.com/2020/03/09/hacking-the-hackers/

 

SMBv3

Microsoft issued a warning about an unpatched, wormable vulnerability affecting Server Message Block (SMB) version 3.0. An attacker can exploit the vulnerability to execute arbitrary code on the target SMB server or client. To read more: https://thehackernews.com/2020/03/smbv3-wormable-vulnerability.html

 

DRAM

To mitigate a vulnerability in dynamic random access memory (DRAM) chips, manufacturers added so-called target row refresh defenses on DDR4 DRAMs. These defenses may prove insufficient, however, as they ultimately fail to prevent bad actors from executing bit-flip attacks. To read more: https://thehackernews.com/2020/03/rowhammer-vulnerability-ddr4-dram.html

 

Coronavirus outbreak maps

Hackers are spreading malware using illegally copied maps and dashboards of the novel coronavirus outbreak. The maps can trick users into downloading and running malicious applications. To read more: https://thehackernews.com/2020/03/coronavirus-maps-covid-19.html

 

Android cookie malware

A new strain of malware steals users’ authentication cookies from web browsers and other apps installed on their devices. To read more: https://thehackernews.com/2020/03/android-cookies-malware-hacking.html

 

Manheim Auctions

A car-auction company from Australia was hit by a malware attack that demanded AU$30m in ransom. The attack locked staff out of IT systems for several weeks. To read more: https://ia.acs.org.au/article/2020/international-car-sales-firm-hit-with–30m-cyber-ransom.html

 

Melbourne Polytechnic

Australia’s Melbourne Polytechnic issued a security alert after a hacker logged in to its systems and accessed 55,000 files, potentially compromising personal data. To read more: https://portswigger.net/daily-swig/australia-data-breach-90-000-staff-students-suppliers-impacted-at-melbourne-polytechnic

 

Czech hospital

A Czech hospital was hit by a cyberattack in the middle of the COVID-19 outbreak. The attack postponed surgical appointments and forced patients to be routed to other hospitals. To read more: https://www.zdnet.com/article/czech-hospital-hit-by-cyber-attack-while-in-the-midst-of-a-covid-19-outbreak/

 

Princess Cruises

Princess Cruises suspended operations due to COVID-19 and has now reported that a data breach may have compromised passenger data. To read more: https://www.darkreading.com/attacks-breaches/princess-cruises-confirms-data-breach/d/d-id/1337311

 

Open Exchange Rates

Open Exchange Rates announced a data breach that exposed customers’ personal information as well as salted and hashed passwords. To read more: https://www.bleepingcomputer.com/news/security/open-exchange-rates-data-breach-affects-users-of-well-known-orgs/

 

Radio.com

Entercom, a US radio company, announced a data breach related to its Radio.com domain. A hacker accessed the backup cloud database, which contained user data. To read more: https://www.welivesecurity.com/2020/03/13/radiocom-users-affected-data-breach/

 

University of Kentucky and UK HealthCare

The University of Kentucky finally rebooted its computer systems after a month-long cyberattack. To read more: https://www.kentuckynewera.com/web/article_3fa032a4-a303-56a9-951b-040428aa23a6.html

 

Blisk

A browser vendor leaked user data through an exposed Elasticsearch server. The browser belongs to an Estonian company and is tailored for web and app development. To read more: https://www.zdnet.com/article/browser-vendor-leaks-data-via-open-server/