Polyverse Weekly Breach Report


A snapshot look at the breaches and reported vulnerabilities of last week

Intel

Intel notified Chinese firms of the Meltdown and Spectre vulnerabilities before it notified the US government. To read more: https://www.theregister.co.uk/2018/01/29/intel_disclosure_controversy/

GoGet

Car-sharing service GoGet issued a statement alerting customers to unauthorized access to its fleet booking system. The attacker used the information obtained from the system to access vehicles without authorization. The compromised data included customers' personal information. To read more: http://www.zdnet.com/article/goget-fleet-booking-system-accessed-alleged-attacker-charged/

YouTube

Trend Micro spotted YouTube ads carrying JavaScript that mined the Monero cryptocurrency in viewers' browsers. To read more: https://www.grahamcluley.com/stop-dilly-dallying-block-ads-youtube/

Bluetooth

Security researchers have found flaws in Bluetooth-based personal panic buttons. The vulnerabilities render the products essentially useless as safety devices. To read more: https://www.theregister.co.uk/2018/01/29/bluetooth_panic_buttons_hackable/

Strava

The fitness app's published activity heatmap, built from ostensibly anonymized data collected from users' wearables, revealed the outlines of US military bases and other sensitive facilities. To read more: http://www.zdnet.com/article/strava-anonymized-fitness-tracking-data-government-opsec/
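The Strava item is the week's clearest lesson about "anonymized" data: dropping the user identity from every GPS point does nothing to hide where people go, because an aggregate heatmap is itself the disclosure. The following is an added example written for this report, not code from Strava or from the original article; all users and coordinates are constructed, and the grid size, the two locations and the k threshold are assumptions chosen for illustration. It builds a heatmap from identity-stripped points, shows that a remote site used by only three people stands out just as clearly as a busy city park, and then applies a per-cell minimum-distinct-users threshold that suppresses the sparsely used cell before publication.

```python
"""
Added example (not from the original report or from Strava): stripping user ids from
fitness tracks does not make an aggregate heatmap safe to publish. All data constructed.
"""
import math
from collections import defaultdict

# Constructed sample locations (assumptions for the demo, not real sites).
CITY = (40.7128, -74.0060)    # a busy park: many different users
REMOTE = (34.0000, 62.0000)   # an otherwise-empty patch of map: three users only


def make_points():
    """Constructed raw telemetry: (user_id, lat, lon) tuples."""
    pts = []
    # Ten city users, each with 20 points scattered over a ~500 m square.
    for u in range(10):
        for i in range(20):
            lat = CITY[0] + ((u * 7 + i * 3) % 11) * 0.0005
            lon = CITY[1] + ((u * 5 + i) % 11) * 0.0005
            pts.append((f"city{u}", lat, lon))
    # Three remote users repeatedly running the same ~200 m perimeter loop.
    loop = [(0.0, 0.0), (0.0, 0.002), (0.002, 0.002), (0.002, 0.0)]
    for u in range(3):
        for _rep in range(5):
            for dlat, dlon in loop:
                pts.append((f"remote{u}", REMOTE[0] + dlat, REMOTE[1] + dlon))
    return pts


def cell_of(lat, lon, per_deg=100):
    """Grid cell index; per_deg=100 gives 0.01-degree cells (about 1 km).
    The small epsilon keeps exact multiples from landing one cell low."""
    return (math.floor(lat * per_deg + 1e-9), math.floor(lon * per_deg + 1e-9))


def strip_identity(points):
    """The naive 'anonymization': drop the user id, keep every coordinate."""
    return [(lat, lon) for _uid, lat, lon in points]


def heatmap(coords, per_deg=100):
    """Count identity-stripped points per grid cell (what a public heatmap shows)."""
    heat = defaultdict(int)
    for lat, lon in coords:
        heat[cell_of(lat, lon, per_deg)] += 1
    return dict(heat)


def hotspots(heat, min_points):
    """Cells an analyst would flag: any cell with at least min_points points."""
    return sorted(c for c, n in heat.items() if n >= min_points)


def k_anonymous_heatmap(points, k, per_deg=100):
    """Publish a cell only if at least k distinct users contributed to it.
    Cells formed by a handful of people (the remote loop) are suppressed;
    this needs the raw ids, so it must run before identities are discarded."""
    users = defaultdict(set)
    counts = defaultdict(int)
    for uid, lat, lon in points:
        c = cell_of(lat, lon, per_deg)
        users[c].add(uid)
        counts[c] += 1
    return {c: n for c, n in counts.items() if len(users[c]) >= k}


if __name__ == "__main__":
    raw = make_points()
    naive = heatmap(strip_identity(raw))
    print("naive hotspots (>=50 points):", hotspots(naive, 50))
    safe = k_anonymous_heatmap(raw, k=5)
    print("published after k=5 threshold:", sorted(safe))
```

The naive heatmap reports both the city cell and the remote cell as hotspots, and the remote one is the more revealing because nothing else is nearby. The thresholded version drops it, but a minimum-user count is a mitigation rather than a guarantee: it does not hide a route that one person repeats, and the decision to publish any aggregate of location data is still a disclosure decision that should be threat-modelled against who might be looking at the map.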

Spectre and Meltdown

An antivirus-testing firm has identified 139 malware samples that attempt to exploit Spectre and Meltdown. To read more: http://www.zdnet.com/article/meltdown-spectre-malware-is-already-being-tested-by-attackers/

Adobe

North Korean hackers exploited a critical zero-day flaw in Adobe Flash in attacks against South Korean targets. The bug is a use-after-free vulnerability that allows remote code execution. Adobe says it will patch the flaw the week of February 5th. To read more: https://www.darkreading.com/vulnerabilities—threats/adobe-to-patch-flash-zero-day-discovered-in-south-korean-attacks/d/d-id/1330962

Cisco

Cisco is being criticized for shipping a fix for a critical VPN flaw carrying the highest possible severity rating 80 days before telling customers how dangerous the flaw was. To read more: http://www.zdnet.com/article/cisco-waited-80-days-before-revealing-it-had-been-patching-its-critical-vpn-flaw/

Reported Vulnerabilities

Oracle

A bug in Oracle's MICROS point-of-sale systems gives an unauthenticated attacker read/write access to the systems' databases, which could be leveraged to compromise the systems and download a company's business data. To read more: http://www.zdnet.com/article/oracle-micros-point-of-sale-systems-to-security-flaw/

Zoho

Researchers have found seven vulnerabilities in Zoho's ManageEngine IT help-desk suite, each of which could let an attacker take control of the servers hosting the applications. To read more: https://threatpost.com/multiple-critical-flaws-found-in-zohos-manageengine/129709/

Smominru miner

A massive cryptocurrency-mining botnet has compromised roughly half a million Windows machines using the EternalBlue exploit. The botnet turns infected hosts into Monero miners and is believed to have earned about $3.6 million since it began operating. To read more: http://www.zdnet.com/article/a-giant-botnet-is-forcing-windows-servers-to-mine-cryptocurrency/

JenX Botnet

Researchers have discovered a new botnet that reuses vulnerabilities associated with the Satori botnet and is tied to the Grand Theft Auto video-game community. The vulnerabilities it exploits affect certain Huawei and Realtek routers. To read more: https://threatpost.com/jenx-botnet-has-grand-theft-auto-hook/129759/

Want to learn more?

Sign up below and receive weekly breach reports directly in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.