Polyverse Weekly Breach Report


A snapshot of last week’s reported breaches and vulnerabilities

Apple macOS Mojave
A zero-day vulnerability in Apple's macOS Mojave was disclosed on the same day that this version of the operating system left beta and became available to the public. To read more: https://www.zdnet.com/article/macos-mojave-zero-day-privacy-bypass-bug-revealed-on-the-day-of-download/

SHEIN
US online fashion retailer SHEIN suffered a significant data breach after a hacker stole the personally identifiable information of 6.5 million customers. The attack began in June and lasted until August, when the company became aware of the breach. To read more: https://thehackernews.com/2018/09/shein-data-breach.html

Facebook
Facebook said that an attack on its computer network led to the exposure of 50 million users’ personal information. The attackers exploited a feature in Facebook’s code that allowed them to take over a user’s account. To read more: https://www.nytimes.com/2018/09/28/technology/facebook-hack-data-breach.html

Port of San Diego
Two major international ports were cyber attacked within the space of a week. Both Barcelona, Spain and San Diego, California reported attacks. The port authorities have not revealed any details about the nature of the attacks. To read more: https://www.zdnet.com/article/port-of-san-diego-suffers-cyber-attack-second-port-in-a-week-after-barcelona/

Chegg
A US-based education technology company plans to reset passwords for 40 million users after discovering a security incident that occurred in April of this year. The hack was discovered on September 19th. To read more: https://www.zdnet.com/article/chegg-to-reset-passwords-for-40-million-users-after-april-2018-hack/

UK Conservative Party
A mobile conferencing app used by the UK Conservative Party leaked the private details of people who registered to attend conferences via the app. Those affected included party members and UK government officials. To read more: https://www.zdnet.com/article/uk-conservative-party-conference-app-leaks-mps-personal-details/

NewsNow
An online news aggregation service has admitted that it suffered a security breach. The service sent an email to its users acknowledging the incident and stating that “an encrypted version of your password may have been accessed.” To read more: https://www.grahamcluley.com/newsnow-suffers-security-breach-passwords-should-be-considered-compromised/

United Nations
The United Nations experienced a data breach that leaked passwords and other sensitive information. A variety of misconfigured apps, including Trello, Jira, and Google Docs, were the cause of the breach. To read more: https://www.macobserver.com/news/united-nations-data-breach/

SingHealth
The server that hackers exploited to breach SingHealth’s critical systems had not received security software updates for more than a year. To read more: https://www.straitstimes.com/singapore/hacked-singhealth-server-had-not-had-security-update-for-14-months-cyber-attack-coi-finds

Reported Vulnerabilities

Cisco
Cisco has released a patch for its Video Surveillance Manager software that removes hardcoded default credentials for the root account. The company is urging users to patch immediately. To read more: https://www.zdnet.com/article/cisco-weve-killed-another-critical-hard-coded-root-password-bug-patch-urgently/

Linux kernel
Security researchers published a proof-of-concept attack that exploits an integer overflow vulnerability in the Linux kernel. This bug could allow an unprivileged user to gain superuser access to the targeted system. To read more: https://thehackernews.com/2018/09/linux-kernel-vulnerability.html

UEFI Rootkit
Researchers have found what they claim to be the first-ever UEFI rootkit being used in the wild. Called LoJax, the rootkit is part of a malware campaign conducted by APT28 to target several governments. To read more: https://thehackernews.com/2018/09/uefi-rootkit-malware.html

iPhone XS
The Chinese hacking team Pangu managed to jailbreak iOS 12 running on a brand-new iPhone XS. To read more: https://thehackernews.com/2018/09/ios12-iphone-jailbreak-exploit.html

Telegram
A bug was found in Telegram’s desktop clients for Windows, Mac, and Linux that reveals users’ IP addresses during voice calls. Telegram has patched the vulnerability. To read more: https://www.zdnet.com/article/telegram-fixes-ip-address-leak-in-desktop-client/

Apple’s Device Enrollment Program
Security researchers discovered an issue with the Apple Device Enrollment Program, which allows organizations to manage MacBooks and iPhones. Duo Security was able to use device serial numbers to gain access to sensitive data. To read more: https://betanews.com/2018/09/27/apple-device-enrollment-program-security-vulnerability/

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a worldwide basis.