
860K Webmaster users data leaked online and more

Major cybersecurity events on 8th September 2020 (Evening Post): DoppelPaymer ransomware targets Newcastle University, and the university took down its systems in response. A new study by ImmuniWeb indicates that most cybersecurity companies leak sensitive data. Banco Estado shuts down after a ransomware attack.

Round Up of Major Breaches and Scams

Cybersecurity Companies Expose Data Online

Nearly all cybersecurity companies have exposed sensitive data including PII and passwords online, according to a new study from ImmuniWeb. The security vendor selected 398 of the world’s top security vendors and then scoured surface, dark and deep web sites including hacking forums and marketplaces, WhatsApp groups, public code repositories, social networks and paste websites. It claimed to have discovered verified sensitive data over 631,000 times, with 17% of these “incidents” estimated to have critical risk.

Webmaster Portal Leaks Data on 860K Users

The world’s largest webmaster forum has been found wanting in terms of its cybersecurity posture after researchers discovered an unprotected database leaking data on nearly 900,000 users. Digital Point provides a platform for members to chat and buy and sell websites, domains and digital services. Back in July, researchers at WebsitePlanet teamed up with Jeremiah Fowler to discover an Elasticsearch database belonging to Digital Planet that was left online without password protection, exposing nearly 63 million records.

Round Up of Major Malware and Ransomware Incidents

Newcastle University infected with DoppelPaymer Ransomware

UK research university Newcastle University was infected with the DoppelPaymer ransomware and, in response to the incident, was forced to take its systems offline on the morning of August 30th. Newcastle University did not provide information about the family of ransomware behind the attack, but the DoppelPaymer ransomware operators are claiming to be responsible.

Chilean bank shuts down all branches following ransomware attack

There’s an update to the situation with Banco Estado, noted previously on this site. Catalin Cimpanu reports: BancoEstado, one of Chile’s three biggest banks, was forced to shut down all branches on Monday following a ransomware attack that took place over the weekend. “Our branches will not be operational and will remain closed today,” the bank said in a statement published on its Twitter account on Monday.

Round Up of Major Vulnerabilities and Patches

Microsoft fixes Windows 10 bug causing excessive SSD defragging

Microsoft has fixed a bug in the Windows 10 version 2004 defragger that caused SSD drives to be defragmented too often. In June 2020, after the Windows 10 May 2020 Update was released, we reported that the operating system’s automatic maintenance feature contained numerous bugs. These bugs would cause SSD drives to be defragged excessively and would cause the ‘Optimize Drives’ feature to try to use the ‘Trim’ command on non-SSD drives, which do not support it.

Researcher reveals Google Maps XSS bug, patch bypass

Google has resolved an XSS vulnerability in Google Maps that was reported through the tech giant’s bug bounty program. Google’s Vulnerability Reward Programs (VRP) provide a platform for third-party researchers to disclose security issues in Google services and products privately, in return for a financial reward and credit.

Critical Vulnerabilities Expose MoFi Routers to Remote Attacks

Routers made by MoFi Network are affected by several vulnerabilities, including critical flaws that can be exploited to remotely hack a device. The vulnerabilities were reported to the vendor in May by Rich Mirch, a security researcher at CRITICALSTART. However, some of them remain unpatched. The researcher discovered a total of 10 vulnerabilities affecting MOFI4500 routers, a majority related to the web management interface, which by default is accessible on all network interfaces.