Polyverse Weekly Breach Report


A snapshot look at the breaches and reported vulnerabilities of last week


The semiconductor company warned Chinese firms about Meltdown and Spectre vulnerabilities before informing the US government. To read more: https://www.theregister.co.uk/2018/01/29/intel_disclosure_controversy/


Car-sharing service GoGet issued a statement alerting customers to unauthorized activity on its system. A hacker used the information gathered to access vehicles without consent. The information compromised included personal information. To read more: http://www.zdnet.com/article/goget-fleet-booking-system-accessed-alleged-attacker-charged/


Trend Micro spotted YouTube ads running JavaScript that mine Monero digital coins. To read more: https://www.grahamcluley.com/stop-dilly-dallying-block-ads-youtube/


Security researchers have found flaws in Bluetooth-based panic buttons. The vulnerabilities render the products essentially useless. To read more: https://www.theregister.co.uk/2018/01/29/bluetooth_panic_buttons_hackable/


This fitness app accidentally mapped out US military bases and secret facilities based on data it collected from wearables using the software. To read more: http://www.zdnet.com/article/strava-anonymized-fitness-tracking-data-government-opsec/

Spectre and Meltdown

An antivirus-testing firm has identified 139 samples of malware attempting to exploit Spectre and Meltdown. To read more: http://www.zdnet.com/article/meltdown-spectre-malware-is-already-being-tested-by-attackers/


North Korean hackers exploited a critical flaw in Adobe Flash against South Korea. The bug is a use-after-free vulnerability that allows remote code execution. Adobe says the flaw will be patched the week of February 5th. To read more: https://www.darkreading.com/vulnerabilities---threats/adobe-to-patch-flash-zero-day-discovered-in-south-korean-attacks/d/d-id/1330962


Cisco is being criticized for releasing software that fixed a bug with the highest severity rating 80 days before telling customers how dangerous the flaw was. To read more: http://www.zdnet.com/article/cisco-waited-80-days-before-revealing-it-had-been-patching-its-critical-vpn-flaw/

Reported Vulnerabilities


A bug in Oracle’s Micros point-of-sale systems could be leveraged to compromise and download a company’s business data. An attacker can gain unauthenticated read/write access to the machines’ databases. To read more: http://www.zdnet.com/article/oracle-micros-point-of-sale-systems-to-security-flaw/


Researchers have found multiple flaws in IT-helpdesk software known as ManageEngine. Seven vulnerabilities were discovered, each enabling an attacker to take control of host servers running the suite of applications. To read more: https://threatpost.com/multiple-critical-flaws-found-in-zohos-manageengine/129709/

Smominru miner

A massive cryptocurrency mining botnet has taken over half a million machines by using the EternalBlue exploit. The botnet turns infected machines into miners of Monero and is believed to have made $3.6 million since it started operating. To read more: http://www.zdnet.com/article/a-giant-botnet-is-forcing-windows-servers-to-mine-cryptocurrency/

JenX Botnet

Researchers have discovered a new botnet that uses vulnerabilities linked with Satori and leverages the Grand Theft Auto video-game community to infect certain local devices. The vulnerabilities affect certain Huawei and Realtek routers. To read more: https://threatpost.com/jenx-botnet-has-grand-theft-auto-hook/129759/
