Polyverse Weekly Breach Report


A snapshot look at the breaches and reported vulnerabilities of last week

Whole Foods

Whole Foods announced that anyone who drank and dined in its taprooms and full-service restaurants may have had their card information stolen. To read more: http://www.nafcu.org/News/2017_News/October/Whole_Foods_investigating_data_breach__NAFCU_continues_call_for_national_standard/

Taboola ads

Criminals are abusing Taboola ads on Microsoft's MSN.com web portal. Clicking on a Taboola-sponsored article leads to a fake tech support page with the domain name 4vxadfcjdgbcmn[.]ga. To read more: https://www.grahamcluley.com/taboola-ads-scam/

Yahoo

The 2013 data breach that was discovered earlier this year actually affected every single customer account that existed at the time. The breach impacted three billion accounts, which is three times more than first reported. To read more: http://money.cnn.com/2017/10/03/technology/business/yahoo-breach-3-billion-accounts/index.html

PledgeMusic

A security bug in the music platform lets anyone log into an account without needing a password. As long as you use the correct email address it does not matter if the password is wrong. To read more: http://www.zdnet.com/article/pledgemusic-security-bug-let-anyone-log-in-without-a-password/

NSA

Russian hackers obtained classified information about NSA cybersecurity programs after breaching a contractor’s computer. The hackers stole the information by exploiting a vulnerability in Kaspersky Lab software that was on the contractor’s computer. To read more: http://www.securityinfowatch.com/news/12372907/nsa-cybersecurity-program-information-reportedly-stolen-by-russian-hackers

Reported Vulnerabilities

Dnsmasq

Google security engineers found seven flaws in Dnsmasq. The bugs can be exploited over the network to execute malicious code on a vulnerable system and hijack it. To read more: https://www.theregister.co.uk/2017/10/02/dnsmasq_flaws/

WordPress plugins

Three popular plugins suffer from a critical zero-day vulnerability that enables an attacker to take over a website. The bug is a PHP object injection flaw that affects Appointments, Flickr Gallery and RegistrationMagic. To read more: https://www.grahamcluley.com/critical-zero-day-bug-wordpress-plugins/

SoniXCast

A password leak vulnerability in a popular broadcast platform could allow hackers to hack online radio stations. The flaw allows anyone to reveal the admin account and password in plaintext for anything hosted on SoniXCast. To read more: http://www.zdnet.com/article/password-leak-put-online-radio-stations-at-risk-of-hijack/

FormBook

The FormBook malware provides its users with keylogging, screenshot capture, clipboard monitoring, and password grabbing from web pages and emails. Hackers have launched campaigns against defense, aerospace and manufacturing contractors in the US and South Korea with this malware. To read more: http://www.zdnet.com/article/this-cheap-and-nasty-malware-wants-to-steal-your-data/
