
British Airways fined £20M for data breach, Reynolds & Reynolds CEO slapped with tax evasion charge, and more

Major cybersecurity events on 16th October 2020 (Evening Post): Critical SonicWall vulnerability, tracked as CVE-2020-5135, affects 800K firewalls. Adobe patches Magento bugs that lead to code execution and customer list tampering. Office 365 adds protection against MITM attacks.

Round Up of Major Breaches and Scams

BA fined record £20m for customer data breach

British Airways has been fined a record £20m for a data breach in which more than 400,000 customers’ personal details were compromised by hackers in 2018. The fine is the biggest ever issued by the Information Commissioner’s Office (ICO), but a fraction of the £183m fine initially announced last year. This was reduced after investigators accepted BA’s representations about the circumstances of the attack, and was reduced further to take into account the dire financial position of BA since the onset of Covid-19.

Billionaire CEO of software company indicted for alleged $2 billion tax evasion schemes

The billionaire chief executive of Ohio-based Reynolds and Reynolds Co, Robert Brockman, has been indicted on charges of tax evasion and wire fraud conducted over “decades.” The scheme, in which roughly $2 billion was hidden away in offshore accounts and through money laundering, took place between 1999 and 2019, the US Department of Justice (DoJ) said on Thursday.

Office 365 adds protection against downgrade and MITM attacks

Microsoft is working on adding SMTP MTA Strict Transport Security (MTA-STS) support to Exchange Online to ensure Office 365 customers’ email communication security and integrity. Once MTA-STS is available in Office 365 Exchange Online, emails sent by users via Exchange Online will only be delivered using connections with both authentication and encryption, protecting against both email interception and attacks.

Round Up of Major Malware and Ransomware Incidents

Crytek hit by Egregor ransomware, Ubisoft data leaked

The Egregor ransomware gang has hit game developer Crytek in a confirmed ransomware attack and leaked what they claim are files stolen from Ubisoft’s network. Ubisoft and Crytek are both well-known game developers with corporate headquarters in France and Germany, respectively. This week, the Egregor ransomware gang posted archives containing unencrypted files, stating that they were stolen from Ubisoft and Crytek in unrelated attacks.

Round Up of Major Vulnerabilities and Patches

Critical SonicWall vulnerability affects 800K firewalls, patch now

A critical stack-based buffer overflow vulnerability has been discovered in SonicWall VPNs. When exploited, it allows unauthenticated remote attackers to execute arbitrary code on the impacted devices. Tracked as CVE-2020-5135, the vulnerability impacts multiple versions of SonicOS run by hundreds of thousands of active VPNs. Craig Young of Tripwire Vulnerability and Exposure Research Team (VERT) and Nikita Abramov of Positive Technologies have been credited with discovering and reporting the vulnerability.

Adobe patches Magento bugs that lead to code execution, customer list tampering

Adobe has released a set of out-of-band security fixes to resolve serious issues in the Magento platform. Published on October 15, the security advisory is outside of the firm’s typical monthly patch cycle and resolves nine vulnerabilities, eight of which are considered either critical or important, as well as one moderate-severity flaw.

Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices

Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws — collectively called BleedingTooth — reside in the open-source BlueZ protocol stack that offers support for many of the core Bluetooth layers and protocols for Linux-based systems such as laptops and IoT devices.

A Vulnerability in Juniper Junos OS Could Allow for Denial of Service

A vulnerability has been discovered in Juniper Junos OS, which could allow for denial of service. Junos OS is a FreeBSD-based operating system used in Juniper Networks routers. This vulnerability specifically affects MX Series routers and EX9200 series switches with Trio-based PFEs configured with the IPv6 Distributed Denial of Service (DDoS) protection mechanism enabled. An attacker can exploit this issue to disrupt network protocol operations or interrupt traffic. Successful exploitation of this vulnerability could result in denial of service conditions.