Polyverse Weekly Breach Report


A snapshot look at the breaches and reported vulnerabilities of last week

London Heathrow Airport security

A memory stick containing sensitive information about the airport was reportedly found in the street. At least 174 documents were on the unencrypted USB drive, including details of the security measures put in place to protect government and foreign dignitaries. To read more: https://www.welivesecurity.com/2017/10/30/heathrow-security-plans-found-on-usb-stick-left-in-the-street/

Google’s bug database

A series of flaws in Google’s bug tracker let a security researcher gain access to critical vulnerabilities. By spoofing a corporate email address, he was able to gain access to the back-end of the system. To read more: http://www.zdnet.com/article/google-bug-tracker-flaw-exposed-sensitive-security-vulnerability-reports/

Line 204

The Hollywood production studio was the latest victim of the Dark Overlord hacking group. Line 204 became aware of the hack last week. To read more: https://hotforsecurity.bitdefender.com/blog/another-hollywood-studio-is-hacked-by-the-dark-overlord-19175.html

ONI Ransomware

Ransomware is being used to hide an elaborate hacking campaign that went undetected for months before attackers encrypted hundreds of machines at once in an effort to remove stolen data. The campaign targeted several Japanese organizations. The name comes from the .oni file extension of encrypted files, which translates to Night of the Devil. To read more: http://www.zdnet.com/article/this-destructive-wiper-ransomware-was-used-to-hide-a-stealthy-hacking-campaign/

Denver Art Museum

The museum warned 800 people of a data breach that included sensitive personal and financial information about its donors, customers, and current and former employees. To read more: http://www.denverpost.com/2017/10/30/denver-art-museum-data-breach-800/

Verticalscope.com

The Canadian company that manages popular Web discussion forums announced that 45 million user accounts were compromised in a breach earlier this year. To read more: https://krebsonsecurity.com/2017/11/2nd-breach-at-verticalscope-impacts/

Reported Vulnerabilities

ReCaptcha

Google’s reCaptcha service has been cracked with 85% accuracy. The researchers created a tool called unCaptcha that is able to break the audio-challenge option. To read more: https://threatpost.com/googles-recaptcha-cracked-again/128690/

WordPress

WordPress has issued a security patch for a flaw that can be exploited by hackers to hijack and take over websites. The bug is in a security function provided by the core to plugins and themes. To read more: https://www.theregister.co.uk/2017/10/31/wordpress_security_fix_4_8_3/

Oracle

Oracle has released an emergency fix for a vulnerability that allows attackers to access enterprise software without authentication. The fix has been issued with the highest severity score possible. To read more: http://www.zdnet.com/article/oracle-pushes-out-emergency-fix-for-remote-system-hijack-vulnerability/

Circle with Disney

Twenty-three vulnerabilities in Circle with Disney monitoring software were found. The vulnerabilities enable attackers to tap into family members’ activities and spy on every device. To read more: http://www.zdnet.com/article/circle-with-disney-web-filter-riddled-with-vulnerabilities/

Silence Trojan

A new attack targeting financial institutions leverages techniques used by the Carbanak hacker group. The Silence group deploys the Silence Trojan after spending long periods of time in a target organization. To read more: https://www.darkreading.com/attacks-breaches/silence-trojan-mimics-carbanak-to-spy-steal-from-banks/d/d-id/1330301?

Google SEO

A group of attackers is using Google search engine optimization for banking-related keywords, together with malicious Word macros, to infect users with the Zeus Panda bank credential stealer. The terms suggest they are targeting Nordea Sweden and the State Bank of India, among others. To read more: http://www.zdnet.com/article/google-search-results-poisoned-by-banking-trojan-attackers-clever-seo/

WhatsApp

A fake version of WhatsApp was found on the Google Play Store and was downloaded by over a million people. To read more: https://www.theregister.co.uk/2017/11/03/fake_whatsapp_app/
