Polyverse Weekly Breach Report – Nov. 4th


A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

The Pirate Bay

The Pirate Bay was down for more than a week because of a series of distributed denial-of-service attacks against the torrent website. Attackers flooded the Sphinx search daemon with searches, which crashed the website. To read more: https://thehackernews.com/2019/10/the-pirate-bay-down.html

 

2020 Summer Olympics

According to Microsoft’s Threat Intelligence Center, Russian state-sponsored hackers are targeting anti-doping authorities. The attacks are thought to be connected to the 2020 Olympics, with the latest attack beginning on September 16, shortly after the World Anti-Doping Agency discovered irregularities in a database from Russia’s national anti-doping laboratory. To read more: https://thehackernews.com/2019/10/cyber-attack-tokyo-olympics.html

 

UniCredit Bank

UniCredit, an Italian banking and financial-services company, announced that a security incident leaked the personal information of 3m domestic customers. The company has not disclosed details on how the breach occurred, only that it involved a file created in 2015. To read more: https://thehackernews.com/2019/10/unicredit-bank-data-breach.html

 

Georgia

The country of Georgia was hit by a cyberattack that knocked out more than 2,000 websites and the national TV station. To read more: https://www.bbc.com/news/technology-50207192

 

American Cancer Society

The American Cancer Society’s online store fell victim to malware that stole credit-card information. A researcher found the malware buried in obfuscated code that was written to look like analytics. To read more: https://techcrunch.com/2019/10/28/american-cancer-society-credit-card-malware/

 

Linux

Top Linux maintainers believe that CPU security vulnerabilities, such as those that led to the Spectre and Meltdown exploits, will continue to be around for many years. To read more: https://www.zdnet.com/article/top-linux-developer-on-intel-chip-security-problems-theyre-not-going-away/

 

WhatsApp

Facebook filed a lawsuit against the Israeli surveillance firm NSO Group, alleging that it was involved in hacking users of WhatsApp, which is owned by Facebook. Attackers were found exploiting a vulnerability in the encrypted mobile app and using it to remotely install Pegasus spyware on targeted devices. To read more: https://thehackernews.com/2019/10/whatsapp-nso-group-malware.html

 

Kudankulam Nuclear Power Plant

A former analyst tied North Korean malware to a cyberattack on India’s Kudankulam Nuclear Power Plant. The malware likely targeted the plant’s technical information. To read more: https://arstechnica.com/information-technology/2019/10/indian-nuke-plants-network-reportedly-hit-by-malware-tied-to-n-korea/

 

However, the power plant’s administration denies that a cyberattack would even be possible, as the facility is not connected to an outside network or the internet. To read more: https://www.deccanherald.com/national/south/no-cyber-attack-on-kudankulam-nuclear-plant-systems-771810.html

 

Domain-name registrars

The domain-name registrars NetworkSolutions.com, Register.com and Web.com are asking users to reset their passwords because an unauthorized third party accessed customer account information. To read more: https://krebsonsecurity.com/2019/10/breaches-at-networksolutions-register-com-and-web-com/

 

Check out Have I Been Pwned to see if any of your accounts have been exposed by the above breaches.

 

Krystal

This fast-food chain has notified customers of a security breach impacting one of its payment-processing systems. To read more: https://latesthackingnews.com/2019/10/31/us-fast-food-restaurant-krystal-warns-users-of-a-security-breach/

 

GEDmatch

The genealogy website GEDmatch has security vulnerabilities that could enable malicious hackers to extract sensitive genetic markers or even impersonate users’ relatives. To read more: https://www.geekwire.com/2019/univ-washington-researchers-uncover-dna-data-security-flaws-popular-genealogy-website/

 

MessageTap

Chinese hackers are using new malware, dubbed MessageTap, to spy on text messages. The malware is apparently designed and used by the group APT41, known for carrying out state-sponsored espionage. To read more: https://thehackernews.com/2019/10/sms-spying-malware.html

 

MSPs

Bad actors hacked at least 13 managed service providers (MSPs) this year for the purpose of deploying ransomware. Once hackers compromise the network of an MSP, they can quickly infect thousands of computers. To read more: https://www.zdnet.com/article/at-least-13-managed-service-providers-were-used-to-push-ransomware-this-year/

 

Chrome

Google is urging Chrome users to immediately update the web browser in order to patch two high-severity vulnerabilities. Hackers are actively exploiting the vulnerabilities, which are both use-after-free issues. To read more: https://thehackernews.com/2019/11/chrome-zero-day-update.html

 

US Department of the Interior

The US Department of the Interior grounded its fleet of aerial drones over concerns about cyberattacks involving Chinese-made drones. To read more: https://www.cnet.com/news/us-interior-department-to-ground-its-drones-over-chinese-spying-risk/

 

NHS pagers

A security researcher discovered that an amateur radio rig was collecting real-time medical data broadcast by pagers used by the UK’s National Health Service. The details included names, addresses and injuries. To read more: https://techcrunch.com/2019/10/30/nhs-pagers-medical-health-data/

 

sPower

Utah-based renewable-energy company sPower experienced a cyberattack that disrupted communications with several solar and wind installations. This attack is believed to be the first cybersecurity incident to cause a “disruption” as defined by the Department of Energy. To read more: https://www.cyberscoop.com/spower-power-grid-cyberattack-foia/

 

APAC ports

A new study reports that a single cyberattack has the potential to cost major Asia-Pacific ports up to $110bn in damages. Currently, 92% of the economic costs from a potential cyberattack are uninsured. To read more: https://www.zdnet.com/article/one-cyber-attack-can-cost-major-apac-ports-110b/

 

Bed Bath & Beyond

The store Bed Bath & Beyond reported a breach of customer data. A third party gained access to less than one percent of the company’s online customer accounts, but the number of customers affected is still unknown. To read more: https://www.tomsguide.com/news/bed-bath-and-beyond-data-breach

 

Desjardins Group

A data breach that hit Canada’s Desjardins Group impacted all 4.2m members of the financial cooperative. To read more: https://www.reuters.com/article/us-desjardins-databreach/desjardins-group-data-breach-hit-all-4-2-million-members-quebec-finance-minister-idUSKBN1XB4N0
