
Bitcoin wallet emptied of $1B ahead of US election, Over 23,600 hacked databases leaked on Telegram, and more

Major cybersecurity events on 4th November 2020 (Evening Post): Cannabis growers’ community website exposes more than 3.4 million user records, passwords. Maze clients turn to Sekhmet ransomware group’s Egregor as a substitute. Microsoft store games abused for Windows privilege escalation.

Round Up of Major Breaches and Scams

Someone emptied a $1 billion Bitcoin wallet ahead of the Presidential Election

Yesterday, almost $1 billion worth of cryptocurrency held in a password-protected Bitcoin wallet was moved to another wallet. The transaction, made just ahead of the 2020 Presidential election, was noticed by cyber security experts and researchers. It is still unclear whether the funds were transferred by the wallet's owner or whether someone hacked the wallet.

Police to Livestream Ring Camera Footage of Mississippi Residents

Pilot program again sparks privacy fears from ACLU as Amazon takes its partnership with law enforcement to the next level. Police in Mississippi are testing a program in which they can livestream video from Ring cameras installed at private homes and businesses. The move is sounding an alarm bell with the American Civil Liberties Union (ACLU) and other privacy advocates who have long disapproved of the Amazon-owned company’s alliance with law enforcement.

23,600 hacked databases have leaked from a defunct ‘data breach index’ site

More than 23,000 hacked databases have been made available for download on several hacking forums and Telegram channels in what threat intel analysts are calling the biggest leak of its kind. The database collection is said to have originated from Cit0Day.in, a private service advertised on hacking forums to other cybercriminals. Cit0day operated by collecting hacked databases and then providing access to usernames, emails, addresses, and even cleartext passwords to other hackers for a daily or monthly fee.

Weak Hash Exposes Millions of Passwords on Cannabis Site

A community website for cannabis growers has unwittingly exposed over 3.4 million user records, including information on individuals from countries where the plant is illegal, according to researchers. Bob Diachenko discovered the unprotected database on October 10, although it was indexed by the BinaryEdge search engine on September 22. It belonged to GrowDiaries, a site which allows users to share updates on their cannabis plants.

Round Up of Major Malware and Ransomware Incidents

As Maze retires, clients turn to Sekhmet ransomware spin-off Egregor

As the developers of the Maze ransomware announce their exit from the malware scene, their clients are now thought to be turning to Egregor as a substitute. The Maze group has been a devastating force for the companies that have fallen victim to it over the past year. What has set Maze apart from many other threat groups is its practice after infection: Maze would attack a corporate resource, encrypt files or simply steal proprietary data, and then demand payment in cryptocurrency.

Round Up of Major Vulnerabilities and Patches

Another Chrome zero-day, this time on Android – check your version!

We advised everyone to look for a Chrome or Chromium version number ending in .111, given that the previous mainstream version turned out to include a buffer overflow bug that was already known to cybercriminals. Loosely speaking, if the crooks get there first and start exploiting a bug before a patch is available, that’s known as a zero-day hole. The name comes from the early days of software piracy, when game hackers took brand new product releases and competed to see who could “crack” them first.

Games in Microsoft Store Can Be Abused for Privilege Escalation on Windows

A researcher at cybersecurity services provider IOActive has identified a privilege escalation vulnerability in Windows that can be exploited by abusing games in the Microsoft Store. The flaw, tracked as CVE-2020-16877 and rated high severity, affects Windows 10 and Windows Server. It was patched by Microsoft with its Patch Tuesday updates for October 2020. Donato Ferrante, principal security consultant at IOActive and the researcher credited for reporting the vulnerability to Microsoft, this week published a blog post detailing CVE-2020-16877 and some theoretical attack scenarios.

Google squashes two more Chrome bugs under active attacks

The updates come on the heels of news of attacks exploiting another zero-day in Chrome in tandem with a previously unknown Windows flaw. Two weeks after patching an actively exploited vulnerability affecting Chrome for desktop, Google is squashing another zero-day bug in the browser’s version for Windows, macOS, and Linux, and is also pushing out an update for Chrome for Android that plugs yet another security hole being exploited in the wild.