Round Up of Major Breaches and Scams
2.5 million medical records containing sensitive and confidential data have been exposed by a New York-based artificial intelligence company called Cense. Jeremiah Fowler, a researcher and co-founder of Security Discovery, discovered the exposed data on 7th July, potentially putting millions of lives and identities at risk. It is worth noting that details of the breach were only shared recently, on 17th August.
Netherlands-based ethical hacker Jelle Ursem, in association with Databreaches.net, uncovered nine data breach incidents at multiple health care providers. The breaches exposed the medical records of over 200,000 U.S. patients. In a security report, Ursem stated that the leaks occurred after a developer exposed login credentials on the public software development platform GitHub. With a few simple searches, the GitHub repositories yielded personally identifiable information (PII) and Protected Health Information (PHI) of patients.
Round Up of Major Malware and Ransomware Incidents
Threat actors have enhanced a banking trojan that has been widely used during the COVID-19 pandemic with new functionality to help it avoid detection by potential victims and standard security protections. Attackers have implemented several new features—including a password-protected attachment, keyword obfuscation and minimalist macro code—in a recent phishing campaign that delivers the widely used banking trojan IcedID via trojanized documents, according to a new report by Paul Kimayong.
British-American cruise operator Carnival Corporation & plc has disclosed a ransomware attack on some of its IT systems. In a regulatory filing submitted to the U.S. Securities and Exchange Commission (SEC), Carnival stated that it detected the attack on August 15. A subsequent investigation found that the ransomware actors had accessed and encrypted some of the corporation’s IT systems and downloaded some of its data.
Round Up of Major Vulnerabilities and Patches
Jenkins, a popular open-source automation server, published an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and the disclosure of confidential information. Tracked as CVE-2019-17638, the flaw has a CVSS rating of 9.4 and impacts Eclipse Jetty versions 9.4.27.v20200227 to 9.4.29.v20200521. Jetty is a full-featured tool that provides a Java HTTP server and web container for use in software frameworks.
Hackers could hijack user accounts in dozens of fitness and gym mobile applications, even where the two-factor authentication (2FA) mechanism was active. The common ground for all the apps is Fizikal, a management platform from Israel for gyms and sports clubs that allows customers to handle their subscription and class registration. Several vulnerabilities affecting the Fizikal platform could be chained to bypass security checks, enumerate users, brute-force the one-time password (OTP) used for logging in, and gain access to a user’s account.
Thanks to technology, jobs that used to require us to physically commute to work can now be done at home in a pair of comfy pajamas. A 2018 report by Global Workplace Analytics showed that over 5 million Americans work remotely. This trend doesn’t look like it’ll slow down any time soon, and there are plenty of good reasons for that: remote work has been linked to a panoply of benefits for workers, as well as fewer overhead costs for employers.
Some Huawei phones are set to stop receiving software updates after a US reprieve, which allowed some trade with Huawei, lapsed last week. According to the Washington Post, the reprieve expired last Thursday, and provided some exceptions to a trade ban which the Trump administration imposed last year on Huawei. The ban generally prohibited US companies from exporting technology to Huawei, but the reprieve allowed US software providers to continue sending updates and patches to Huawei.