AI firm Cense exposes 2.5m sensitive medical records, IcedID banking trojan adds new evasive tactics, and more

Major cybersecurity events on 18th August 2020 (Evening Post): GitHub data leak incidents affect more than 200,000 patients in the US. Hackers target vulnerabilities in Fizikal, expose information of thousands of users. Trade ban impacts Huawei’s future security updates.

Round Up of Major Breaches and Scams

AI firm exposes 2.5 million sensitive medical records online

2.5 million medical records containing sensitive and confidential data have been exposed by a New York-based artificial intelligence company called Cense. Jeremiah Fowler, a researcher and co-founder of Security Discovery, discovered the exposed data on 7th July; the exposure potentially put millions of lives and identities at risk. It is worth noting that the details of the breach were only shared recently, on 17th August.

Repository Blunder! GitHub Data Leak Incidents Impact Over 200,000 U.S. Patients

Netherlands-based ethical hacker Jelle Ursem, in association with Databreaches.net, uncovered nine data breach incidents at multiple health care providers. The data breaches exposed medical records of over 200,000 U.S. patients. In a security report, Ursem stated that the data leaks occurred after a developer exposed login credentials on the public software developer platform GitHub. The GitHub repositories included personally identifiable information (PII) and protected health information (PHI) of patients, which could be found with a few simple searches.

Round Up of Major Malware and Ransomware Incidents

IcedID Trojan Rebooted with New Evasive Tactics

Threat actors have enhanced a banking trojan that has been widely used during the COVID-19 pandemic with new functionality to help it avoid detection by potential victims and standard security protections. Attackers have implemented several new features, including a password-protected attachment, keyword obfuscation and minimalist macro code, in a recent phishing campaign using documents trojanized by the widely used banking trojan IcedID, according to a new report by Paul Kimayong.

Carnival Reveals It Detected a Ransomware Attack on Its Systems

British-American cruise operator Carnival Corporation & plc revealed it had detected a ransomware attack on some of its IT systems. In a regulatory filing submitted to the U.S. Securities and Exchange Commission (SEC), Carnival revealed that it had detected a ransomware attack on August 15. A subsequent investigation revealed that the ransomware actors had succeeded in accessing and encrypting some of the corporation’s IT systems as well as in downloading some of its data.

Round Up of Major Vulnerabilities and Patches

Critical Jenkins Server Vulnerability Could Leak Sensitive Information

Jenkins, a popular open-source automation server software, published an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and cause confidential information to be disclosed. Tracked as CVE-2019-17638, the flaw has a CVSS rating of 9.4 and impacts Eclipse Jetty, a full-featured tool that provides a Java HTTP server and web container for use in software frameworks, in versions 9.4.27.v20200227 to 9.4.29.v20200521.

Gym app management platform exposed info of thousands of users

Hackers could hijack user accounts in dozens of fitness and gym mobile applications, even where the two-factor authentication (2FA) mechanism was active. The common ground for all the apps is Fizikal, a management platform from Israel for gyms and sports clubs that allows customers to handle their subscription and class registration. Several vulnerabilities affecting the Fizikal platform could be chained to bypass security checks, enumerate users, brute-force the one-time password (OTP) for logging in, and get access to a user’s account.

How your home network can be hacked and how to prevent it

Thanks to technology, jobs that used to require us to physically commute to work can now be done at home in a pair of comfy pajamas. A 2018 report by Global Workplace Analytics showed that over 5 million Americans work remotely. This trend doesn’t look like it’ll slow down any time soon, and there are plenty of good reasons for that: remote work has been linked to a panoply of benefits for workers, as well as fewer overhead costs for employers.

Huawei Phones Unlikely to Receive Security Updates as Trade Ban Begins

Some Huawei phones are set to stop receiving software updates after a US reprieve, which allowed some trade with Huawei, lapsed last week. According to the Washington Post, the reprieve expired last Thursday, and provided some exceptions to a trade ban which the Trump administration imposed last year on Huawei. The ban generally prohibited US companies from exporting technology to Huawei, but the reprieve allowed US software providers to continue sending updates and patches to Huawei.