Polyverse Weekly Breach Report

A snapshot look at the breaches and reported vulnerabilities of last week

Adobe

Adobe’s product security incident response team accidentally published a private PGP key on a blog. People screenshotted the post which clearly shows both the public and private PGP keys generated by the company. To read more: http://www.zdnet.com/article/adobe-accidentally-releases-private-pgp-key/

Deloitte

Deloitte has confirmed it was targeted by a cyberattack resulting in the theft of confidential documents and emails. To read more: http://www.zdnet.com/article/deloitte-confirms-it-was-hit-by-a-cyberattack-exposing-client-emails/

SVR Tracking

The vehicle-tracking company has been accused of leaving more than half a million records in a leaky AWS S3 bucket. The data includes logins/passwords, emails, VIN, and IMEI numbers of GPS devices, among other information. To read more: https://www.theregister.co.uk/2017/09/25/svr_tracking_records_leak_from_insecure_s3_bucket/

Sonic Drive-In

Sonic has acknowledged a breach affecting an unknown number of store payment systems. The breach may have led to a fire sale on millions of stolen credit and debit accounts. To read more: https://krebsonsecurity.com/2017/09/breach-at-sonic-drive-in-may-have-impacted-millions-of-credit-debit-cards/

Reported Vulnerabilities

MacOS High Sierra

A security researcher dropped a zero-day hours before Apple was expected to roll out the new version. Patrick Wardle, a former NSA hacker, posted a video of the hack. To read more: http://www.zdnet.com/article/apple-macos-high-sierra-password-vulnerable-to-password-stealing-hack/

Joomla

A critical vulnerability has remained in the Joomla CMS for the last eight years. It could have allowed malicious hackers to steal every user’s login credentials, including those of administrators. To read more: https://hotforsecurity.bitdefender.com/blog/for-eight-years-hackers-have-been-able-to-exploit-this-password-stealing-flaw-in-joomla-18997.html

Faceliker

Researchers have reported an increase in activity for a Facebook-hijacking malware. The Trojan manipulates accounts in an effort to generate artificial likes for specific content. To read more: https://www.grahamcluley.com/facebook-hijacking-faceliker-malware-is-on-the-rise/

Windows Defender

Researchers have developed a way to bypass Windows Defender that will allow any malware to execute on a Windows machine. The bypass involves the use of a custom-built SMB server. To read more: https://threatpost.com/windows-defender-bypass-tricks-os-into-running-malicious-code/128179/

Linux ELF files

A flaw was found in the way the Linux kernel loads ELF files. Red Hat and Debian are affected by the CVE-2017-1000253 vulnerability. To read more: https://www.theregister.co.uk/2017/09/28/linux_kernel_vuln/

Apple Mac firmware

A flaw in the way the firmware is updated could leave users unprotected. Researchers found that the Extensible Firmware Interface is vulnerable to sophisticated attacks like those exposed in the WikiLeaks Vault 7 data dumps. To read more: http://www.zdnet.com/article/flawed-apple-mac-firmware-updates-may-leave-them-vulnerable-to-attack/


The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a worldwide basis.