Polyverse Weekly Breach Report

breach_report

A snapshot of last week’s reported breaches and vulnerabilities

Google+
Google is shutting down its social-media network after belatedly disclosing a data breach that exposed the data of 500,000 users. An API enabled third-party developers to access user names, email addresses and other personal information. To read more: https://thehackernews.com/2018/10/google-plus-shutdown.html

Grey-hat hacker
A grey-hat hacker is breaking into people’s MikroTik routers and patching the devices so they can’t be abused. The hacker claims to have disinfected more than 100,000 routers. To read more: https://www.zdnet.com/article/a-mysterious-grey-hat-is-patching-peoples-outdated-mikrotik-routers/

Pentagon
Pentagon officials said that the Department of Defense had suffered a security breach at the hands of a third-party contractor. Roughly 30,000 DoD military and civilian personnel are thought to be affected. To read more: https://www.zdnet.com/article/pentagon-discloses-card-breach/

FitMetrix
The data of an unknown number of FitMetrix users were left exposed online. The fitness-and-health software company’s servers were not secured with an access password, which enabled anyone who knew their IP address to access the information. To read more: https://www.zdnet.com/article/fitmetrix-user-data-exposed-via-passwordless-elasticsearch-server-cluster/

Assassin’s Creed Odyssey
Assassin’s Creed Odyssey, a video game, was hit by a DDoS attack last Friday. To read more: https://www.grahamcluley.com/assassins-creed-odyssey-suffers-ddos-attack-at-launch/

Reported Vulnerabilities

MikroTik router
A researcher from Tenable Research released a proof-of-concept remote-command-execution attack for an old directory-traversal vulnerability that was discovered and patched in April. The vulnerability is considered critical because the RCE attack enables attackers to remotely execute code on affected devices and gain full root access. To read more: https://thehackernews.com/2018/10/router-hacking-exploit.html

Adobe
Adobe’s latest security update addresses 11 vulnerabilities in Adobe Digital Editions, Framemaker and Technical Communications Suite. Four of the vulnerabilities are rated critical. To read more: https://thehackernews.com/2018/10/adobe-security-updates.html

WhatsApp
A security researcher found a critical vulnerability in WhatsApp messenger that could enable hackers to take remote control of the app via a video call. The vulnerability is a memory heap overflow issue that is triggered when a user receives a specially crafted malformed real-time transport protocol packet. To read more: https://thehackernews.com/2018/10/hack-whatsapp-account-chats.html

Microsoft JET
A vulnerability in Microsoft JET’s database engine is still open even after Microsoft shipped patches earlier last week. The vulnerability was a zero-day and is critical because JET is included in all versions of Windows. To read more: https://www.zdnet.com/article/microsoft-jet-vulnerability-still-open-to-attacks-despite-recent-patch/

Google Play trojan
A new trojan that passes itself off as Google Play on Android smartphones was discovered by researchers. To read more: https://www.zdnet.com/article/this-trojan-masquerades-as-google-play-to-hide-on-your-phone/

Want to learn more?

Sign up below and receive these reports and more directly in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.